tembodiaries.com Open in urlscan Pro
185.61.152.73 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://tembodiaries.com/
Submission: On May 15 via automatic, source urlhaus (May 15th 2023, 8:16:42 pm UTC) — Scanned from GB

Summary HTTP 175 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 23 IPs in 7 countries across 28 domains to perform 175 HTTP transactions. The main IP is 185.61.152.73, located in United Kingdom and belongs to NAMECHEAP-NET, US. The main domain is tembodiaries.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on March 7th 2023. Valid for: a year.

This is the only time tembodiaries.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
43	185.61.152.73 185.61.152.73	22612 (NAMECHEAP...) (NAMECHEAP-NET)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 6	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	162.241.173.223 162.241.173.223	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
14	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 19	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	3.73.102.15 3.73.102.15	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.53.219 35.210.53.219	15169 (GOOGLE) (GOOGLE)
4 4	37.157.6.237 37.157.6.237	198622 (ADFORM) (ADFORM)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5 5	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
2 2	18.195.62.93 18.195.62.93	16509 (AMAZON-02) (AMAZON-02)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:486e:86f2:9a46:8bb5	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
175	23

43 185.61.152.73 (United Kingdom)

ASN22612 (NAMECHEAP-NET, US)
PTR: business36-5.web-hosting.com

tembodiaries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.eddytravels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.241.173.223 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: cs305.bluehost.com

sitkatheme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 142.250.186.130 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.73.102.15 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-102-15.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.53.219 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 219.53.210.35.bc.googleusercontent.com

pool.admedo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.237 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.80.39.216 (Canada) 5 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.195.62.93 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-62-93.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:486e:86f2:9a46:8bb5 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	615 KB
43	tembodiaries.com tembodiaries.com	925 KB
33	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 cm.g.doubleclick.net — Cisco Umbrella Rank: 234	192 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	275 KB
8	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 83	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	315 KB
5	casalemedia.com 5 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463	5 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 949 r.turn.com	2 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 585	3 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 50	3 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 324	2 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	212 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 848	2 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 352	920 B
2	admedo.com 2 redirects pool.admedo.com — Cisco Umbrella Rank: 5210	745 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 505	2 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 740	925 B
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 6138	696 B
2	sitkatheme.com sitkatheme.com	98 KB
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1307	245 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 682	541 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	265 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 2107	173 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	605 B
1	eddytravels.com assets.eddytravels.com	1 KB
0	tembodairies.com Failed tembodairies.com Failed
175	28

	Domain	Requested by
43	tembodiaries.com	tembodiaries.com
32	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
19	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net
19	pagead2.googlesyndication.com	tembodiaries.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com www.googletagservices.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com tembodiaries.com googleads.g.doubleclick.net
9	www.gstatic.com	www.google.com googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net
6	www.google.com	1 redirects tembodiaries.com tpc.googlesyndication.com googleads.g.doubleclick.net
5	ssum-sec.casalemedia.com	5 redirects
4	c1.adform.net	4 redirects
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	www.googletagmanager.com	tembodiaries.com www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	pr-bh.ybp.yahoo.com	2 redirects
2	pm.w55c.net	2 redirects
2	r.turn.com
2	ad.turn.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	pool.admedo.com	2 redirects
2	sync.mathtag.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	sitkatheme.com	tembodiaries.com
1	rtb.openx.net	googleads.g.doubleclick.net
1	sync-tm.everesttech.net	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	tr.blismedia.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	assets.eddytravels.com	tembodiaries.com
0	tembodairies.com Failed	tembodiaries.com
175	34

This site contains links to these domains. Also see Links.

Domain
tembodairies.com
facebook.com
twitter.com
instagram.com
www.facebook.com
sitkatheme.com

Subject Issuer	Validity	Valid
tembodiaries.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-07` - `2024-03-07`	a year	crt.sh
eddytravels.com Cloudflare Inc ECC CA-3	`2022-08-14` - `2023-08-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.wprook.com R3	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-04-12` - `2023-07-11`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://tembodiaries.com/
Frame ID: 7AD89FA4A1E457CE6021B8F247234E33
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: 03386EB26033681E511575D72D8BC9C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&adk=1812271804&adf=3025194257&lmt=1684181797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Ftembodiaries.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181796933&bpp=5&bdt=479&idt=364&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4034685720181&frm=20&pv=2&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=406
Frame ID: 3D346BEA5B43B21CF10F4AF492EFE62B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=2981059394&adf=1314673024&pi=t.aa~a.942963996~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=2&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0&nras=2&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=1520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9guSOHAVIQ&p=https%3A//tembodiaries.com&dtd=13
Frame ID: 2DF869FAB44E7996145D795548B889EA
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=265150395&adf=3640588185&pi=t.aa~a.3537654196~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ic6FnWW5X8&p=https%3A//tembodiaries.com&dtd=25
Frame ID: B632272311EB6B63994D4BD7AA59DBB3
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=240&adk=1680120736&adf=1506310497&pi=t.aa~a.2571972425~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x240&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600%2C300x600&nras=4&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=4014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=HhHfxfW07n&p=https%3A//tembodiaries.com&dtd=28
Frame ID: CB47C8BDEF4CFA69AEF7F87D3D1C5DC8
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: ED2268441AFD0745D88FC3BFCDDFE8E5
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: EF034EEA14E64D11102E3EB8B3B05830
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
Frame ID: 16AD9FBF2D092D18414FC5D3BD00A958
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8C59C1BC7405F2A947D375D5EBB086F0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 55AE196642021412B3450BCE17FF0D0B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: 87232F7867F7F93B73FFC7A56E61A446
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: A2CE60444C742F0ADD5C1151C0124337
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: C1A4DC2FFB4542A689F3A03A87C1D980
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64E2DDF496587DD7FD67C4D08D1AEA80
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F9FAD3BA31877EDAB6BF80CA1F80EC99
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: A1CADA5D94241FBCF7B3081FA0815967
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B11177ED3343937341BD47DBDC56CE7C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E6364D3C2A0F09E582891FD09EFB7301
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: EFDA3937FADDB0342BBB62F43E386C8E
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js
Frame ID: F8EB9E9A1E3485DF7623FEF9ABDC5DC7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tembo Diaries - We are a safe space where we tell interesting and crazy stories. Here we learn new things, unlearn some we thought we knew and laugh at the times we didn't know better. I promise you will relate!

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+recaptcha
/recaptcha/api\.js

Page Statistics

175
Requests

90 %
HTTPS

55 %
IPv6

28
Domains

34
Subdomains

23
IPs

7
Countries

2664 kB
Transfer

5947 kB
Size

30
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://tembodairies.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://facebook.com/tembodiaries

Search URL Search Domain Scan URL

URL: https://twitter.com/tembodiaries

Search URL Search Domain Scan URL

URL: https://instagram.com/tembodiaries

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://tembodiaries.com/2022/03/01/hello-world/

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Check%20out%20this%20article:%20Tembo+Tales%21&url=https://tembodiaries.com/2022/03/01/hello-world/&via=@tembodiaries

Search URL Search Domain Scan URL

URL: https://sitkatheme.com/classic/category/lifestyle/

Search URL Search Domain Scan URL

URL: https://sitkatheme.com/classic/contact/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 131

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFJdwoakpQhf2OqqlP_Y3c4&google_cver=1&google_push=ATf1kGMdaCBiMOhfG8HHvMQr_6Ck7Jv-BXRxbHVcb1n1eWTuUYoam6qGNO98s_q8RJD129BN3Dum9WC8mEZiMEokaPvC3wiCHcgPCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMdaCBiMOhfG8HHvMQr_6Ck7Jv-BXRxbHVcb1n1eWTuUYoam6qGNO98s_q8RJD129BN3Dum9WC8mEZiMEokaPvC3wiCHcgPCA

Request Chain 133

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEICuqbtuNxycjh3CC9HNNPI&google_cver=1&google_push=ATf1kGOv50jN8jcpNCG6egLFtrTGxlqmlSgbXi76Mi6CnieRUpm--hQ2YfO2LHvy7H5VP42fPp0Blvz90XvsRYzqW7LLbGzz76KGlQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEICuqbtuNxycjh3CC9HNNPI&google_cver=1&google_push=ATf1kGOv50jN8jcpNCG6egLFtrTGxlqmlSgbXi76Mi6CnieRUpm--hQ2YfO2LHvy7H5VP42fPp0Blvz90XvsRYzqW7LLbGzz76KGlQ HTTP 302
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a4a9138b-d280-44c8-8df6-d576f1bc1e2d HTTP 302
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a4a9138b-d280-44c8-8df6-d576f1bc1e2d HTTP 302
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2eaac9e5-197a-46ee-82db-64e37a6c8333&user_group=1&ssp=google&bsw_param=a4a9138b-d280-44c8-8df6-d576f1bc1e2d HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOv50jN8jcpNCG6egLFtrTGxlqmlSgbXi76Mi6CnieRUpm--hQ2YfO2LHvy7H5VP42fPp0Blvz90XvsRYzqW7LLbGzz76KGlQ&google_hm=pKkTi9KARMiN9tV28bweLQ==

Request Chain 134

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIDQSKd7HbICJTM5SSKUSrU&google_cver=1&google_push=ATf1kGM0BPUmEwcISQUdwUa0AWWCemEBKMiB5GzVUFpjt1MhOsyoBrvOIvKgSGRX33k9jEXCrQOJ9AYS3e1EujII15bmar0Xt2E9QQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIDQSKd7HbICJTM5SSKUSrU&google_cver=1&google_push=ATf1kGM0BPUmEwcISQUdwUa0AWWCemEBKMiB5GzVUFpjt1MhOsyoBrvOIvKgSGRX33k9jEXCrQOJ9AYS3e1EujII15bmar0Xt2E9QQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg1ODM4MDMyNTk4Mjc4Mjg3Ng&google_push=ATf1kGM0BPUmEwcISQUdwUa0AWWCemEBKMiB5GzVUFpjt1MhOsyoBrvOIvKgSGRX33k9jEXCrQOJ9AYS3e1EujII15bmar0Xt2E9QQ

Request Chain 135

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIfs9sXMTLpOHxm83Jj_3Hw&google_cver=1&google_push=ATf1kGM6DkSesBRvW9dCKY7caXS4pf9n5Jcwe7j2s8Lnfay1ReIeQ80osZpC78aY3cFijQduYxxYkpFt8D9OE1cK1p0GYJdmNZ2F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQUNYU1otTi1HREFO&google_push=ATf1kGM6DkSesBRvW9dCKY7caXS4pf9n5Jcwe7j2s8Lnfay1ReIeQ80osZpC78aY3cFijQduYxxYkpFt8D9OE1cK1p0GYJdmNZ2F

Request Chain 136

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB0L-l9h4Ml_S8TnsYO77pY&google_cver=1&google_push=ATf1kGPulN5VjlH1jX0PNpHrDb55gNrPA7xd3tH8rLJzMtsgY-cupUxl4RTjX4dDqQux1b_l09jRWWT3Pkvew1YeSetwPO0sUDfu_w HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB0L-l9h4Ml_S8TnsYO77pY&google_push=ATf1kGPulN5VjlH1jX0PNpHrDb55gNrPA7xd3tH8rLJzMtsgY-cupUxl4RTjX4dDqQux1b_l09jRWWT3Pkvew1YeSetwPO0sUDfu_w&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB0L-l9h4Ml_S8TnsYO77pY&google_hm=ZGKTJ1dZ-HGug29w4MKdQAAADSUAAAAB&google_nid=index&google_push=ATf1kGPulN5VjlH1jX0PNpHrDb55gNrPA7xd3tH8rLJzMtsgY-cupUxl4RTjX4dDqQux1b_l09jRWWT3Pkvew1YeSetwPO0sUDfu_w

Request Chain 154

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK73hhrvKflV6jZVSCGoNlw&google_cver=1&google_push=ATf1kGPRjKl7h13JN4GfjDy3brLsZj-7w2JNi0y9qKenFN8wRbSOKOo5nvcv99mK3H_1fl1HKPlisa4oIjf9F_H8BMaN0DfqeqNR HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY4MDM0MjU5ODI4OTMxNzY3OQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1

Request Chain 155

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJkROlsu2pArsb26uaBL2U&google_cver=1&google_push=ATf1kGNiq1jXssWqFv0IKnezSXiXx_Pv0k7eJWUCrwvPiNB5yARTjdXEN4t2MwZNH7OE2hMagSyFS1sMsnb0uYn4tQWgxiOcSfvDtA HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJkROlsu2pArsb26uaBL2U&google_cver=1&google_push=ATf1kGNiq1jXssWqFv0IKnezSXiXx_Pv0k7eJWUCrwvPiNB5yARTjdXEN4t2MwZNH7OE2hMagSyFS1sMsnb0uYn4tQWgxiOcSfvDtA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a3RDcm1UNmkxUFlFQ0E1&google_gid=CAESELJkROlsu2pArsb26uaBL2U&google_cver=1&google_push=ATf1kGNiq1jXssWqFv0IKnezSXiXx_Pv0k7eJWUCrwvPiNB5yARTjdXEN4t2MwZNH7OE2hMagSyFS1sMsnb0uYn4tQWgxiOcSfvDtA

Request Chain 157

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBrm92In4e_ABUT7xVOl3gg&google_cver=1&google_push=ATf1kGNzx9p1qFATdDNHfpiaS_FPU91Vzr97rz5-0E1kPG_PQaTnNjHL1jR4Kqqf8atwIEKQbN5UDbz_3SBksn1eBFQZ-XZH3g9PvQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNzx9p1qFATdDNHfpiaS_FPU91Vzr97rz5-0E1kPG_PQaTnNjHL1jR4Kqqf8atwIEKQbN5UDbz_3SBksn1eBFQZ-XZH3g9PvQ&google_hm=eS1Ob0ZTNUlkRTJwRlp0WlhCNWtpNm9GTkJhU2dpM1B3RH5B

Request Chain 158

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBtP_BjzENBXZFZVKWHH-K8&google_cver=1&google_push=ATf1kGN_14mNHlJ2PrhtORpDN0zMFlXNi6jmNWuAsnjj87cPw76U3GZ7IMqKjWtxNjWvb8yOS9ep0prgtRko_jrhY17-XsnDtF77aA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBtP_BjzENBXZFZVKWHH-K8&google_cver=1&google_push=ATf1kGN_14mNHlJ2PrhtORpDN0zMFlXNi6jmNWuAsnjj87cPw76U3GZ7IMqKjWtxNjWvb8yOS9ep0prgtRko_jrhY17-XsnDtF77aA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYwNzY1ODE3NDA4MzE4MTY0Mg&google_push=ATf1kGN_14mNHlJ2PrhtORpDN0zMFlXNi6jmNWuAsnjj87cPw76U3GZ7IMqKjWtxNjWvb8yOS9ep0prgtRko_jrhY17-XsnDtF77aA

Request Chain 159

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGvrYCzUIeGzJWW8PDkdsIs&google_cver=1&google_push=ATf1kGPLdj1kl8-TQgKdT4o5qpUONy7dN3VB2LYwVFYetP9gpaUub2HrzmyDIXuUMKIWsJ4frd4c6tDqnp2QKpAmOipGvQQvKyvxqg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQUNYVVotMTAtSlZYVQ==&google_push=ATf1kGPLdj1kl8-TQgKdT4o5qpUONy7dN3VB2LYwVFYetP9gpaUub2HrzmyDIXuUMKIWsJ4frd4c6tDqnp2QKpAmOipGvQQvKyvxqg

Request Chain 160

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEABQ-ozaVs5uW9HRcnig6g0&google_cver=1&google_push=ATf1kGNlaFT_5QNYmT9c2xWLZaCrcXp74onWhwVt7i1Q3Fn4p_1vgN6PxU8rOn_SIQmLA6EYLH8Ded4CwuWFG6THfcK8-dY7qqUlQA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEABQ-ozaVs5uW9HRcnig6g0&google_push=ATf1kGNlaFT_5QNYmT9c2xWLZaCrcXp74onWhwVt7i1Q3Fn4p_1vgN6PxU8rOn_SIQmLA6EYLH8Ded4CwuWFG6THfcK8-dY7qqUlQA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEABQ-ozaVs5uW9HRcnig6g0&google_hm=ZGKTKFdZ-HGug29w4MKdQQAADSUAAAIB&google_nid=index&google_push=ATf1kGNlaFT_5QNYmT9c2xWLZaCrcXp74onWhwVt7i1Q3Fn4p_1vgN6PxU8rOn_SIQmLA6EYLH8Ded4CwuWFG6THfcK8-dY7qqUlQA

Request Chain 163

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1&google_push=ATf1kGMJpEgNMV1MORfIW1osQmyx-qoQY-ghHTtVacfP0NsuHe-hWli8VB1Hjv-SAdkzxpOlqDVZN7NEMDAbqoeD1_5ESx4JzQq8jQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI4Mjk0MDgyNTIwOTAwMzgyMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1

Request Chain 165

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFGCYQlvMWVhAAP2Apyy8Jc&google_cver=1&google_push=ATf1kGPePfJYC8DrpLwPS0MaB0Kh7y7M8aLXV2D2GSSQnpnRIrJqXlaqm4z_pODPJ5pUbNFylGJmzr_GUUdYirdA9tE3DVMV1VTAHZE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=xIVkYpMoRwC0cfTL0yQUYw&google_push=ATf1kGPePfJYC8DrpLwPS0MaB0Kh7y7M8aLXV2D2GSSQnpnRIrJqXlaqm4z_pODPJ5pUbNFylGJmzr_GUUdYirdA9tE3DVMV1VTAHZE

Request Chain 166

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEMFEry1y-X2NfOWxGKspbWE&google_cver=1&google_push=ATf1kGOn4WMynXIUUNH3TQkPgaW6vdVDNFjka_jtVteptw5J5kwHYLN_aatzSjjt2afOVXapZa-g8SOR_SqSA-1QhEcb9bFiKsXJFSE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMFEry1y-X2NfOWxGKspbWE&google_push=ATf1kGOn4WMynXIUUNH3TQkPgaW6vdVDNFjka_jtVteptw5J5kwHYLN_aatzSjjt2afOVXapZa-g8SOR_SqSA-1QhEcb9bFiKsXJFSE

Request Chain 167

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDHuI8W94-4ym0_N9KdFm4M&google_cver=1&google_push=ATf1kGPjv9cVFPlqVcaG9ezYtb3P-LK5IYnFq2snHK7_yzjEufldEJkVYpao9O3Bk0Eac48_juOlM8ORnAHYGjdpu7IbCymbs799d-I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPjv9cVFPlqVcaG9ezYtb3P-LK5IYnFq2snHK7_yzjEufldEJkVYpao9O3Bk0Eac48_juOlM8ORnAHYGjdpu7IbCymbs799d-I&google_hm=eS1LZUx5NmVsRTJwSFBHOFVwaGlMbWt3MG5jdzQ2Lldnan5B

Request Chain 169

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELqGIIaaM-1wmwfkjEoLcuc&google_cver=1&google_push=ATf1kGPX8TbbUv46vjYlsTIUnL8_WpeqW4b9_vr-y02hOPB1FY7zq94E0hanVSGfHei0_Xs6Xbhe7jmeLcn5w2QfgbQFqmim2-63niQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELqGIIaaM-1wmwfkjEoLcuc&google_hm=ZGKTJ1dZ-HGug29w4MKdQAAADSUAAAAB&google_nid=index&google_push=ATf1kGPX8TbbUv46vjYlsTIUnL8_WpeqW4b9_vr-y02hOPB1FY7zq94E0hanVSGfHei0_Xs6Xbhe7jmeLcn5w2QfgbQFqmim2-63niQ

Request Chain 171

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

175 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
tembodiaries.com/ 155 KB
18 KB 2715ms
2599ms Document
text/html 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed / PHP/8.0.28

Resource Hash

74497491417477c52fa978f557635e23abe2f4759b78abd040cc068dc97c311d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 15 May 2023 20:16:36 GMT
etag: "48385-1684181796;br"
link: <https://tembodiaries.com/wp-json/>; rel="https://api.w.org/"
referrer-policy: no-referrer-when-downgrade
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload;
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-litespeed-cache: miss
x-litespeed-cache-control: public,max-age=604800
x-litespeed-tag: f8e_HTTP.200,f8e_home,f8e_URL.6666cd76f96956469e7be39d750cc7d9,f8e_F,f8e_
x-powered-by: PHP/8.0.28
x-turbo-charged-by: LiteSpeed
x-xss-protection: 1; mode=block

GET
H2 200 sbi-styles.min.css
tembodiaries.com/wp-content/plugins/instagram-feed/css/ 24 KB
4 KB 55ms
53ms Stylesheet
text/css 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css?ver=6.1.4

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

3c107b664e7305b99c2c95a67f790e5cda95ee05cc584c6045f987328ad49a6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 3248
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 Apr 2023 19:09:04 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 style.min.css
tembodiaries.com/wp-includes/css/dist/block-library/ 95 KB
12 KB 59ms
56ms Stylesheet
text/css 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-includes/css/dist/block-library/style.min.css?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 11775
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 10 Mar 2023 00:22:37 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 sitka-blocks-style.css
tembodiaries.com/wp-content/plugins/sitka-blocks/css/ 2 KB
994 B 57ms
55ms Stylesheet
text/css 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/plugins/sitka-blocks/css/sitka-blocks-style.css?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

6cbaa503253eec78f0e0fe628b7972ac22b33fc895cb3353914051a8938801cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 580
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:41:42 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 classic-themes.min.css
tembodiaries.com/wp-includes/css/ 291 B
685 B 56ms
54ms Stylesheet
text/css 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-includes/css/classic-themes.min.css?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 13 Feb 2023 20:50:19 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 291
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 styles.css
tembodiaries.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 59ms
57ms Stylesheet
text/css 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.7.6

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 878
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 23 Apr 2023 19:39:25 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 captcha.min.css
tembodiaries.com/wp-content/plugins/advanced-google-recaptcha/assets/css/ 128 B
522 B 57ms
55ms Stylesheet
text/css 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/plugins/advanced-google-recaptcha/assets/css/captcha.min.css?ver=1.0.14

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

f15c0e6e911cc7b11c95c9f60b60e5cc0326d7261d3c523899cf47dab4597a33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Feb 2023 07:36:33 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 128
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 style.css
tembodiaries.com/wp-content/themes/sitka/ 141 KB
25 KB 143ms
141ms Stylesheet
text/css 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/themes/sitka/style.css?ver=1.2.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

b6d69a0a482827350621bcadaa0b2c87187938d6c540330f0b4a244d1adcdb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 25664
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:40:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 font-awesome.min.css
tembodiaries.com/wp-content/themes/sitka/css/ 30 KB
7 KB 145ms
143ms Stylesheet
text/css 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/themes/sitka/css/font-awesome.min.css?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

7cb42ed8404160fff12f49f64fc98e9eb228d9ccbb6be417f513fec10b689be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 6668
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:40:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 widget.min.js Show response
assets.eddytravels.com/ 1 KB
1 KB 249ms
94ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.eddytravels.com/widget.min.js

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

42a6b24269cc07a2aea6f4aa98d40ae5ce9794f5616aef11f18dccde87a3f65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
x-amz-version-id: fE0yQCYW8o3oR9JUxPmKDxewJUtWmOTc
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000
x-amz-request-id: 4EKXHHFC309V5HW6
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: bB7czHlrwI+99pHUkz96dOYE58wjTaStZcJmReXPcbQAIDazUcf8dJDy7v4DdUccDXAqJQMSrEU=
last-modified: Fri, 11 Nov 2022 14:04:16 GMT
server: cloudflare
etag: W/"64a1a3e3ba0471a0474b7b8151e624ee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PgegENyMdPBNaCo9LGaLqAjJGuRWo1dEzMmgIqHibfuHSa3tV0IwqHP%2FFOce72S7FwY1KpMVWFX%2BujcU3xt%2F9Xm4RGkIpTkvHFlc%2BHIi%2FRUVFKl6AYgTRJT%2FnhK8RF70rkinHD8jMCEtVt21KTUZ92PTWhkT"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=3600
cf-ray: 7c7e0f464c1f23cb-LHR

GET
H2 200 captcha.min.js Show response
tembodiaries.com/wp-content/plugins/advanced-google-recaptcha/assets/js/ 376 B
638 B 142ms
141ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/plugins/advanced-google-recaptcha/assets/js/captcha.min.js?ver=1.0.14

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

cfce838bf08d7934a42f812673c2f6dabf547ed90f67288edd5ee14d0ec303f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 210
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 20 Feb 2023 07:36:33 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 902 B
892 B 164ms
60ms Script
text/javascript 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en_US&onload=agrLoad&render=explicit&ver=1.0.14

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a2fe19e2780e03cb89ec0bae1c3ffd17489ea259c5e2d6195ebab7a31588618f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 572
x-xss-protection: 1; mode=block
expires: Mon, 15 May 2023 20:16:36 GMT

GET
H2 200 jquery.min.js Show response
tembodiaries.com/wp-includes/js/jquery/ 88 KB
30 KB 99ms
98ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 30376
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 08 Mar 2023 18:37:33 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 jquery-migrate.min.js Show response
tembodiaries.com/wp-includes/js/jquery/ 13 KB
5 KB 145ms
144ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 4603
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 06 Feb 2023 20:59:15 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 170 KB
62 KB 255ms
89ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-222714788-1

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3392a2bfde2e2f5cc474e58ae09d8f1b943618fe0c6852cacbb63fe0da455764

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63180
x-xss-protection: 0
last-modified: Mon, 15 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 15 May 2023 20:16:36 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 137 KB
47 KB 207ms
100ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7248059170725086&host=ca-host-pub-2644536267352236

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e44a8e5364f4d790e1c6124f175347a8b2b7aa992614818a2b49ccc59ed6de0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47731
x-xss-protection: 0
server: cafe
etag: 519249189305116237
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:36 GMT

GET
H2 200 cropped-IMG-20211218-WA0032.jpg
tembodiaries.com/wp-content/uploads/2022/02/ 13 KB
13 KB 58ms
56ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2022/02/cropped-IMG-20211218-WA0032.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

9d24ced4298f437d3f3394fda398c079f2e69fb6ac06eca30b892b78634b32c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 15 Feb 2022 14:37:34 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 13141
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET me.jpg
tembodairies.com/wp-content/uploads/2022/03/ 0
0

GET footer-logo.png
tembodairies.com/wp-content/uploads/2022/02/ 0
0

GET
H2 200 cropped-IMG-20221110-WA0001-1-300x300.jpg
tembodiaries.com/wp-content/uploads/2022/11/ 7 KB
7 KB 95ms
93ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2022/11/cropped-IMG-20221110-WA0001-1-300x300.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

729329cec82a7806eda9c7ddce604de154943174c3c2a74aef8f3d020e2ebb2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 10 Nov 2022 03:19:50 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7074
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 index.js Show response
tembodiaries.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 50ms
50ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.6

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2894
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 23 Apr 2023 19:39:25 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 index.js Show response
tembodiaries.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
4 KB 52ms
51ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.6

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 3918
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 23 Apr 2023 19:39:25 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 jquery.sidr.min.js Show response
tembodiaries.com/wp-content/themes/sitka/js/ 7 KB
3 KB 55ms
52ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/themes/sitka/js/jquery.sidr.min.js?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 2463
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:40:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 slick.min.js Show response
tembodiaries.com/wp-content/themes/sitka/js/ 43 KB
11 KB 58ms
54ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/themes/sitka/js/slick.min.js?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 10656
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:40:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 jquery.sticky.js Show response
tembodiaries.com/wp-content/themes/sitka/js/ 6 KB
2 KB 57ms
54ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/themes/sitka/js/jquery.sticky.js?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

c01595a4679d6a7f2897cce0a30617b8b655985f64aa7a0b3b05d79e8f365869

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1668
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:40:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 jquery.fitvids.js Show response
tembodiaries.com/wp-content/themes/sitka/js/ 3 KB
2 KB 55ms
52ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/themes/sitka/js/jquery.fitvids.js?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1158
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:40:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 sitka-scripts.js Show response
tembodiaries.com/wp-content/themes/sitka/js/ 5 KB
2 KB 58ms
55ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/themes/sitka/js/sitka-scripts.js?ver=1.2.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

fecea83799f8e9f6c45fe07c3a68f90d7b85cb455a9b817a766d335a5a037df6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 1232
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:40:24 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 sbi-scripts.min.js Show response
tembodiaries.com/wp-content/plugins/instagram-feed/js/ 27 KB
8 KB 79ms
76ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/plugins/instagram-feed/js/sbi-scripts.min.js?ver=6.1.4

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

ef9c24e9283aeb9681eddde538642816aa7b981dae1fd839d4c61647929cae65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 7357
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 26 Apr 2023 19:09:04 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 wp-emoji-release.min.js Show response
tembodiaries.com/wp-includes/js/ 18 KB
5 KB 55ms
53ms Script
application/javascript 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
content-length: 4651
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 02 Feb 2023 00:53:25 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/ 408 KB
163 KB 250ms
74ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/wqcyhEwminqmAoT8QO_BkXCr/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en_US&onload=agrLoad&render=explicit&ver=1.0.14

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 19:52:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1457
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166792
x-xss-protection: 0
last-modified: Mon, 08 May 2023 04:06:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 19:52:19 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTDeJqaE0lMZbLXGimS.woff
tembodiaries.com/wp-content/fonts/karla/ 17 KB
17 KB 80ms
79ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/karla/qkBIXvYC6trAT55ZBi1ueQVIjQTDeJqaE0lMZbLXGimS.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

ddc56230595914b645179e44d4e5963d0599cefac150c928f4fdab13a23caf3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 May 2023 13:04:55 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17324
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 promo3.jpg
sitkatheme.com/classic/wp-content/uploads/sites/5/2019/10/ 48 KB
49 KB 1258ms
526ms Image
image/jpeg 162.241.173.223
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sitkatheme.com/classic/wp-content/uploads/sites/5/2019/10/promo3.jpg
Requested by: Host: tembodiaries.com
URL: https://tembodiaries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.173.223 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: cs305.bluehost.com
Software: Apache / W3 Total Cache/2.2.1
Resource Hash: fa5a25f1cd30b5f4d3e17e0ef4354b385f7f2b337ebe35f65e3ce7069b1953a0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Mon, 15 May 2023 20:16:37 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 17 Oct 2019 06:16:09 GMT
server: Apache
x-powered-by: W3 Total Cache/2.2.1
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
host-header: Y2xvdWQuYmx1ZWhvc3QuY29t
content-length: 49618
expires: Tue, 14 May 2024 20:16:37 GMT

GET
H2 200 promo-8.jpg
sitkatheme.com/classic/wp-content/uploads/sites/5/2019/10/ 49 KB
50 KB 1073ms
342ms Image
image/jpeg 162.241.173.223
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sitkatheme.com/classic/wp-content/uploads/sites/5/2019/10/promo-8.jpg
Requested by: Host: tembodiaries.com
URL: https://tembodiaries.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.241.173.223 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: cs305.bluehost.com
Software: Apache / W3 Total Cache/2.2.1
Resource Hash: b08ff8b3ae868474c50aaac3d85f24dbb3edb03969e1db198ac5d674cdaef009

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Mon, 15 May 2023 20:16:37 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 06 Oct 2019 02:25:03 GMT
server: Apache
x-powered-by: W3 Total Cache/2.2.1
content-type: image/jpeg
cache-control: max-age=31536000, public
accept-ranges: bytes
host-header: Y2xvdWQuYmx1ZWhvc3QuY29t
content-length: 50433
expires: Tue, 14 May 2024 20:16:37 GMT

GET
H2 200 nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtXK-F2qO0g.woff
tembodiaries.com/wp-content/fonts/playfair-display/ 25 KB
26 KB 76ms
76ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/playfair-display/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKeiunDXbtXK-F2qO0g.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

db7ed1e8ee569d76b2e60e77ab7e77b6934a880e157f4a71c8f68826500f6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Jul 2022 03:12:09 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 26080
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lMZbLXGimS.woff
tembodiaries.com/wp-content/fonts/karla/ 17 KB
17 KB 120ms
117ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/karla/qkBIXvYC6trAT55ZBi1ueQVIjQTDH52aE0lMZbLXGimS.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

c1fcdc6d7aaa08e7983e3771e4ff88a4c67c65373e6a284bc1fe5560b9499143

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 May 2023 13:04:58 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17380
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 fontawesome-webfont.woff2
tembodiaries.com/wp-content/themes/sitka/fonts/ 75 KB
76 KB 147ms
144ms Font
font/woff2 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/themes/sitka/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/wp-content/themes/sitka/css/font-awesome.min.css?ver=6.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/wp-content/themes/sitka/css/font-awesome.min.css?ver=6.2
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 12 Feb 2022 07:40:24 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 77160
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lMZbLXGimS.woff
tembodiaries.com/wp-content/fonts/karla/ 17 KB
17 KB 70ms
67ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/karla/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lMZbLXGimS.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

7c103a1aca4430cffbf0b2ae81abf09c72b8c321fc5cce20638c56961a99e408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 May 2023 13:04:56 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17384
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 fdN-9sqWtWZZlHRpygd7l3QO6a4.woff
tembodiaries.com/wp-content/fonts/akronim/ 54 KB
55 KB 121ms
119ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/akronim/fdN-9sqWtWZZlHRpygd7l3QO6a4.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

1a8d2f55077d7bbcb9f2241680e0b17690fa220f076128926de36ac1bd5badc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 26 Apr 2022 16:08:53 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 55488
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTDypqaE0lMZbLXGimS.woff
tembodiaries.com/wp-content/fonts/karla/ 17 KB
18 KB 123ms
120ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/karla/qkBIXvYC6trAT55ZBi1ueQVIjQTDypqaE0lMZbLXGimS.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

55c58bb5c2c1e1b02e1e6a9774f68a1372bf05d830e7e11b7b4c652240014669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 May 2023 13:04:57 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17588
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 YA9dr0Wd4kDdMthROCHhsCkA.woff
tembodiaries.com/wp-content/fonts/kalam/ 17 KB
18 KB 107ms
104ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/kalam/YA9dr0Wd4kDdMthROCHhsCkA.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

839332017eb030355b9a67574e3cb182711a0d597d630a11410d9f798b9855f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 May 2022 10:44:53 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17676
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 pxiEyp8kv8JHgFVrJJfedHFHGPc.woff
tembodiaries.com/wp-content/fonts/poppins/ 10 KB
11 KB 122ms
120ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/poppins/pxiEyp8kv8JHgFVrJJfedHFHGPc.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

2db0a25447b543eff02741c0133150e504b3f94ab930f55232eb1ec6272ebb95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 03 May 2022 17:14:25 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 10528
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 qkBIXvYC6trAT55ZBi1ueQVIjQTDJp2aE0lMZbLXGimS.woff
tembodiaries.com/wp-content/fonts/karla/ 17 KB
18 KB 140ms
139ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/karla/qkBIXvYC6trAT55ZBi1ueQVIjQTDJp2aE0lMZbLXGimS.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

10a4b67dc9c10e8f5342dfa38651fbc98a31d68494ec2757ceffb224cf19d229

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 May 2023 13:04:57 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 17552
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92mvWc3ZyRTQ.woff
tembodiaries.com/wp-content/fonts/lora/ 25 KB
26 KB 119ms
117ms Font
font/woff 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL

https://tembodiaries.com/wp-content/fonts/lora/0QI8MX1D_JOuMw_hLdO6T2wV9KnW-MoFoq92mvWc3ZyRTQ.woff

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

8a93fd39340c9bb9ee5f5e41953d2b509736bf2a5f63279ee504e3bab1815d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Origin: https://tembodiaries.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 25 Feb 2023 11:46:53 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: font/woff
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 25836
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 caught-cheating.jpg
tembodiaries.com/wp-content/uploads/2023/05/ 36 KB
37 KB 142ms
141ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/05/caught-cheating.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

796dc5b81d62cc89e4fe8a00eaf9fe2a41e04c6156baf7fafc326242c16ec7fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 May 2023 10:05:45 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 37091
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 Screenshot_2023-05-06-11-26-07-51_680d03679600f7af0b4c700c6b270fe7.jpg
tembodiaries.com/wp-content/uploads/2023/05/ 82 KB
82 KB 152ms
151ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/05/Screenshot_2023-05-06-11-26-07-51_680d03679600f7af0b4c700c6b270fe7.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

521b0beb670d072059a7e5c18fa60dca5fe4b9f3670dbc7cedf01043b510e050

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 May 2023 08:35:49 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 83839
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 Legislation_To_Regulate_Churches-600x460.jpg
tembodiaries.com/wp-content/uploads/2023/04/ 77 KB
77 KB 163ms
162ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/04/Legislation_To_Regulate_Churches-600x460.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

dcafbc92340af73c549ed2bfdbd50e1e3c62b4b7caa44eb5fbbe776066a09cc7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 29 Apr 2023 02:54:55 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 78383
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 Screenshot_2023-04-22-14-58-47-11_a23b203fd3aafc6dcb84e438dda678b6-1-600x460.jpg
tembodiaries.com/wp-content/uploads/2023/04/ 25 KB
25 KB 153ms
152ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/04/Screenshot_2023-04-22-14-58-47-11_a23b203fd3aafc6dcb84e438dda678b6-1-600x460.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

2a8e5039e5c976588b0e22862e36908c11da36f83f88b9a36edfeababd6a8d15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 22 Apr 2023 12:00:30 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 25643
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 booty-calls-social-1572280047-600x460.png
tembodiaries.com/wp-content/uploads/2023/04/ 85 KB
86 KB 153ms
153ms Image
image/png 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/04/booty-calls-social-1572280047-600x460.png

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

2d63d31e8d9757def2b74e30cd1f2d3b3703186806d24d1cc61d4907405063ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sun, 16 Apr 2023 09:46:23 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 87329
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 caught-cheating-80x80.jpg
tembodiaries.com/wp-content/uploads/2023/05/ 4 KB
5 KB 164ms
163ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/05/caught-cheating-80x80.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

cf3a9498a03d34724997b7b253cdcfb3401253088bdc7663e2cfdde1fe584375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 13 May 2023 10:05:45 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4527
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 Screenshot_2023-05-06-11-26-07-51_680d03679600f7af0b4c700c6b270fe7-80x80.jpg
tembodiaries.com/wp-content/uploads/2023/05/ 3 KB
3 KB 164ms
164ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/05/Screenshot_2023-05-06-11-26-07-51_680d03679600f7af0b4c700c6b270fe7-80x80.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

82a3f52432d45f4747280e35581c300a703d0e394425558cc648a3237e7edab6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 06 May 2023 08:35:50 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2753
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 Legislation_To_Regulate_Churches-80x80.jpg
tembodiaries.com/wp-content/uploads/2023/04/ 13 KB
14 KB 164ms
164ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/04/Legislation_To_Regulate_Churches-80x80.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

5d7ee9e32e90f701f657c79e05661b73662b8eae8c8d67e9385f4ecd8aeb3edb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 29 Apr 2023 02:54:55 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 13661
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H2 200 Legislation_To_Regulate_Churches.jpg
tembodiaries.com/wp-content/uploads/2023/04/ 135 KB
135 KB 164ms
163ms Image
image/jpeg 185.61.152.73
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tembodiaries.com/wp-content/uploads/2023/04/Legislation_To_Regulate_Churches.jpg

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.61.152.73 , United Kingdom, ASN22612 (NAMECHEAP-NET, US),

Reverse DNS

business36-5.web-hosting.com

Software

LiteSpeed /

Resource Hash

7a4dd634379022632ee75dcfc3b0c982c74d400833e2703b104bbe8efac0d591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:36 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload;
x-content-type-options: nosniff
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 29 Apr 2023 02:54:54 GMT
server: LiteSpeed
vary: User-Agent
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 137932
x-xss-protection: 1; mode=block
expires: Mon, 22 May 2023 20:16:36 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 356 KB
120 KB 210ms
123ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7248059170725086&plah=tembodiaries.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7248059170725086&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0ff92cfb2b84dd011a5938d99369d5b8edde24e88e28ce20e369a3f8b29bf48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122683
x-xss-protection: 0
server: cafe
etag: 1451942725385708409
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:37 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame 0338 10 KB
5 KB 138ms
43ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7248059170725086&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 10901
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 17:14:56 GMT
etag: 15057649708203361565
expires: Mon, 29 May 2023 17:14:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 76ms
75ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DTZ7ZNYFR1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-222714788-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a066d3a3262e61c20c373a5f049ee09124b4e37ad12cddc37db92fa10925932c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74119
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 May 2023 20:16:37 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 227ms
68ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-222714788-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 15 May 2023 18:35:39 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 6058
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 15 May 2023 20:35:39 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
78 KB 116ms
116ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V6TL6X110B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-222714788-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

eee21433abeedd0decc0113081c0c04a14881f5499f470ac81fcb41c9978d555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79540
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 15 May 2023 20:16:37 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
254 B 127ms
47ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-DTZ7ZNYFR1&gtm=45je35a0&_p=779361662&cid=476766829.1684181797&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&ngs=1&_s=1&sid=1684181797&sct=1&seg=0&dl=https%3A%2F%2Ftembodiaries.com%2F&dt=Tembo%20Diaries%20-%20We%20are%20a%20safe%20space%20where%20we%20tell%20interesting%20and%20crazy%20stories.%20Here%20we%20learn%20new%20things%2C%20unlearn%20some%20we%20thought%20we%20knew%20and%20laugh%20at%20the%20times%20we%20didn%27t%20know%20better.%20I%20promise%20you%20will%20relate!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DTZ7ZNYFR1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tembodiaries.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 100ms
48ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V6TL6X110B&gtm=45je35a0&_p=779361662&gdid=dZTNiMT&cid=476766829.1684181797&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684181797&sct=1&seg=0&dl=https%3A%2F%2Ftembodiaries.com%2F&dt=Tembo%20Diaries%20-%20We%20are%20a%20safe%20space%20where%20we%20tell%20interesting%20and%20crazy%20stories.%20Here%20we%20learn%20new%20things%2C%20unlearn%20some%20we%20thought%20we%20knew%20and%20laugh%20at%20the%20times%20we%20didn%27t%20know%20better.%20I%20promise%20you%20will%20relate!&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V6TL6X110B&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tembodiaries.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 399 B
605 B 160ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=tembodiaries.com&callback=_gfp_s_&client=ca-pub-7248059170725086

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7248059170725086&plah=tembodiaries.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a87d58df677860830532ac74735e54fbde9ab284f114c5a5f76d0a32245b4480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
531 B 191ms
63ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=tembodiaries.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 160ms
59ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tembodiaries.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3D34 370 KB
67 KB 1427ms
1427ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&adk=1812271804&adf=3025194257&lmt=1684181797&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Ftembodiaries.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181796933&bpp=5&bdt=479&idt=364&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4034685720181&frm=20&pv=2&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=406

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fdd494032b50fa8af7a0711ab832c41666395c29684af462b3749ef0a016a35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 68712
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:16:38 GMT
expires: Mon, 15 May 2023 20:16:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 80ms
79ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&aip=1&a=779361662&t=pageview&_s=1&dl=https%3A%2F%2Ftembodiaries.com%2F&ul=en-us&de=UTF-8&dt=Tembo%20Diaries%20-%20We%20are%20a%20safe%20space%20where%20we%20tell%20interesting%20and%20crazy%20stories.%20Here%20we%20learn%20new%20things%2C%20unlearn%20some%20we%20thought%20we%20knew%20and%20laugh%20at%20the%20times%20we%20didn%27t%20know%20better.%20I%20promise%20you%20will%20relate!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACUABBAAAACAAI~&jid=727928534&gjid=846286958&cid=476766829.1684181797&tid=UA-222714788-1&_gid=280934042.1684181797&_r=1&gtm=457e35a0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1643123670

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://tembodiaries.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tembodiaries.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 97ms
97ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53fe616b06697257e450892849c5549476b9ad9561743e9c846c263ea4145fd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11238
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ 151 KB
51 KB 138ms
137ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9f7e28b619c7a244c99ce822123c155d62c6813ed77a0a1f13230f314abfb9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52433
x-xss-protection: 0
server: cafe
etag: 14173485464349452527
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
165 B 52ms
51ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=tembodiaries.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 57ms
56ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=tembodiaries.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DF8 92 KB
36 KB 409ms
405ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=2981059394&adf=1314673024&pi=t.aa~a.942963996~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=2&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0&nras=2&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=1520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9guSOHAVIQ&p=https%3A//tembodiaries.com&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2459d9a5364336c3285654f02caa692a70346a8c2e1911fa6b807f806c67e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36558
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:16:39 GMT
expires: Mon, 15 May 2023 20:16:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B632 82 KB
34 KB 725ms
720ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=265150395&adf=3640588185&pi=t.aa~a.3537654196~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ic6FnWW5X8&p=https%3A//tembodiaries.com&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d9fd6c852b3a43aa5c69eb29e9fa47ed268027fa39689410c40106881136906

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:16:39 GMT
expires: Mon, 15 May 2023 20:16:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CB47 91 KB
34 KB 659ms
655ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=240&adk=1680120736&adf=1506310497&pi=t.aa~a.2571972425~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x240&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600%2C300x600&nras=4&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=4014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=HhHfxfW07n&p=https%3A//tembodiaries.com&dtd=28

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad996cd4dc498256001ca41d06b2ff066431e8f72658ca0d4191fce21e29a218

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 34823
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:16:39 GMT
expires: Mon, 15 May 2023 20:16:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 289ms
150ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame ED22 10 KB
4 KB 49ms
45ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 81695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 21:35:04 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 21:35:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame EF03 10 KB
4 KB 49ms
46ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 81695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 21:35:04 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 21:35:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/ Frame 16AD 10 KB
4 KB 50ms
47ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 81695
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 21:35:04 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 21:35:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame ED22 4 KB
728 B 171ms
53ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 19:11:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame ED22 2 KB
1 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:27:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ED22 0
0 90ms
90ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiR4AJZNiZIqYGOCC1fAPoouR6AHYiKb0bea_8IWDEdvZHhABIMilnpUBYLuGgIDQCqABq7Tz7QLIAQmpAtOkz6xtZoM-qAMByAPLBKoE3AFP0KGPpT8NJmQHzga9MVti9ZVH-8yslXVJtqlE4e_3R3A00G7ETKEQ55zQ0sCHuzThfs3U6xN6gSQB13XebMQp-0ZasngPDhZgT6FOrrJkrlzVIFiyA3fVIYKJHuldLp_cdolxoi8JEYy4gvMLeB2eYZPxNPl8GNTiyyvZSew2SVedjSFNKD80Ny2c0F0nxDQLpq4xP-0BvfGHS5DuBTP3RRKDG1BC2Dr9VUu95CMgCNRljjyucLh2V28fAm59lyTCF-PDOTuWBBMSf9JTsuUjnKqtg_NGJODnsQ-0wAT82LOTrQSSBQQIBBgBkgUECAUYBKAGLoAHvcuMkgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCQ5y7SCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBogwIKgYKBMOwsQK4E-QD2BMN0BUBmBYBgBcBshccChoIABIUcHViLTcyNDgwNTkxNzA3MjUwODYYAA&sigh=AsOPvYgDs14&uach_m=[UACH]&cid=CAQSGwBygQiD7aHUFqxYXeby9Bxx1FQSYHcJjdjkcRgB&template_id=484

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 20:16:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame ED22 22 KB
9 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame ED22 3 KB
1 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:31:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame ED22 19 KB
8 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame ED22 169 KB
53 KB 190ms
89ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame ED22 32 KB
13 KB 135ms
47ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 12:27:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame EF03 6 KB
1 KB 161ms
53ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 19:38:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EF03 2 KB
799 B 83ms
83ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:27:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame EF03 22 KB
9 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EF03 3 KB
1 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:31:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame EF03 19 KB
8 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EF03 169 KB
52 KB 255ms
164ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame EF03 32 KB
13 KB 122ms
44ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 12:27:27 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 16AD 6 KB
779 B 154ms
55ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 18:56:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 16AD 2 KB
799 B 94ms
94ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:27:27 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 16AD 22 KB
9 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 16AD 3 KB
1 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:31:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 16AD 19 KB
8 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 16AD 169 KB
52 KB 261ms
179ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 16AD 32 KB
13 KB 130ms
61ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 12:27:27 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/17855388755807449572/ Frame ED22 31 KB
31 KB 109ms
109ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17855388755807449572/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83c0664059afaa3621c47dc1c8e06c8bdcd2d2ed01119d412e063278bdfc7679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 15:07:59 GMT
x-content-type-options: nosniff
age: 104920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31832
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 14:15:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 May 2024 15:07:59 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/17647145883080398077/ Frame ED22 1 KB
1 KB 128ms
127ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17647145883080398077/14763004658117789537?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3d4a2557eac67dd95aeff1dbeb60c139028083b443bbd82c2359a0dec6dcfec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 19:29:26 GMT
x-content-type-options: nosniff
age: 262033
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1111
x-xss-protection: 0
last-modified: Mon, 27 Jun 2022 02:19:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 11 May 2024 19:29:26 GMT

GET
DATA 200
OK truncated
/ Frame ED22 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 212dd68f9fa92d7045b5aed72d633678c29022f98c7d41ac68061acd505098b9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8C59 13 KB
5 KB 51ms
50ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 6082
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 18:35:17 GMT
expires: Tue, 14 May 2024 18:35:17 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 55AE 783 B
916 B 53ms
52ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

244fec526257fcae8c63cffa313bc44a00b8c17f73c72bb6db2d5ce8108a2178

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LPXuPnIEHJyTkzeJA7brtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tembodiaries.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-LPXuPnIEHJyTkzeJA7brtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:16:39 GMT
expires: Mon, 15 May 2023 20:16:39 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 55AE 0
0 138ms
137ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=2068310428613037&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 8C59 37 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 200 5c132af01198b79277f9291767bd072e.js Show response
www.gstatic.com/mysidia/ Frame 2DF8 8 KB
4 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5c132af01198b79277f9291767bd072e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=2981059394&adf=1314673024&pi=t.aa~a.942963996~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=2&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0&nras=2&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=1520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9guSOHAVIQ&p=https%3A//tembodiaries.com&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3651
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:41:10 GMT

GET
H3 200 044a83e5da670341b3efea50f0ca4b53.js Show response
www.gstatic.com/mysidia/ Frame 2DF8 18 KB
7 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24cc28619bd1df33050f109c0757693c6972958742b7055500c8580209a8a436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 538529
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7569
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 07 Aug 2023 14:41:10 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2DF8 2 KB
765 B 55ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:27:27 GMT

GET
H3 200 136beb7e84d4b05a5b5bba85738ca9f6.js Show response
www.gstatic.com/mysidia/ Frame 2DF8 6 KB
2 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/136beb7e84d4b05a5b5bba85738ca9f6.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 16:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2330
x-xss-protection: 0
last-modified: Mon, 08 May 2023 23:51:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 16:22:13 GMT

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 8723 37 KB
14 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8C59 0
10 B 51ms
51ms Image
text/plain 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8aNOBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 2DF8 22 KB
9 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2DF8 3 KB
1 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:31:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 2DF8 19 KB
8 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 2DF8 0
0 66ms
64ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaNTNeGfG3WjWq4QctKqhr0bCmzi3Cij2NR0LLXrFnfLjmLikZW_atLp4axT4F0eEiYA-Il3F8YkcztSJTVJA5VboBWw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=2981059394&adf=1314673024&pi=t.aa~a.942963996~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=2&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0&nras=2&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=1520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9guSOHAVIQ&p=https%3A//tembodiaries.com&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2DF8 169 KB
52 KB 105ms
103ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame 2DF8 32 KB
13 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 12:27:27 GMT

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame A2CE 37 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame C1A4 37 KB
14 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tembodiaries.com
URL: https://tembodiaries.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 200 4230197775713662247
tpc.googlesyndication.com/daca_images/simgad/ Frame 2DF8 32 KB
32 KB 152ms
152ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/4230197775713662247?w=360&h=640

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0be1dc437a2097b866a07da7fc075e91d83240665d0b1f55e25d7b05541cf243

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32832
x-xss-protection: 0
last-modified: Thu, 11 May 2023 18:31:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 22 May 2023 20:16:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2DF8 0
0 109ms
108ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ccjq-J5NiZICoCauR1fAPzJiW2AX1-qS9cJank6-YEZiS-IezAhABIMilnpUBYLuGgIDQCqABmqvisinIAQGoAwHIA8sEqgTbAU_Q0dIYP5QgtVHs0-dVjsxjKXcPf-lFKppDkJgCyDnfJMKZId5xRHjohN1LxtVA8GNjTPbShv0HaRI3XHFGUr3ys4KRQBn-AplbrY9VRxn-ClznSs4L0VPJ-zQH5gWXW_fLLomSsxknsBKrq1ZOdpQarVbxMiQRuHKi_HdAPqajcHf29R8SYeG7HVJCwSrO76RDYROipCzafXjaaEmlk2vAe7aRhDwuRICWOTOlrLdHRO7ATNAyvzLK-cWcK--LsqclZBaKjJely771ay5dcOo5x3vu98ZXY5EIN8AEuPzcs6oEkgUECAQYAZIFBAgFGASgBgKAB5rjspIEqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ2LsK0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03MjQ4MDU5MTcwNzI1MDg2GAA&sigh=Jo4SPcfR1Qo&uach_m=[UACH]&cid=CAQSPABygQiD3XqJI-RXNNhE9T-yJ0YAdUqNlfhpia4cmisjWx9x_Mi_vbP09KrS2jI9xJi2BhEWmRRVlT3grxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=2981059394&adf=1314673024&pi=t.aa~a.942963996~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=2&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0&nras=2&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=1520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9guSOHAVIQ&p=https%3A//tembodiaries.com&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 20:16:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 64E2 1 KB
643 B 52ms
52ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 33146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Tue, 16 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2DF8 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 609fc5e29ea087675252584cd48cb656264f3fab81d1f75d7432b1eb37d9af63

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DF8 0
20 B 160ms
160ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CB47 6 KB
780 B 62ms
61ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=240&adk=1680120736&adf=1506310497&pi=t.aa~a.2571972425~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x240&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600%2C300x600&nras=4&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=4014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=HhHfxfW07n&p=https%3A//tembodiaries.com&dtd=28

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 15 May 2023 18:36:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CB47 2 KB
765 B 72ms
72ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:27:27 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28152
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:27:27 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame CB47 22 KB
9 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CB47 3 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:31:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame CB47 19 KB
8 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CB47 0
0 64ms
64ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxa6ANAfDeoY8s-4y5P0fvOZmDZx0p-yJ8gWQvUngTKdukfXB5NK8K7fpTE6vgy7hVrM3GjFsB1hzQzwIczJgRxsqOmQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=240&adk=1680120736&adf=1506310497&pi=t.aa~a.2571972425~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x240&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600%2C300x600&nras=4&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=4014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=HhHfxfW07n&p=https%3A//tembodiaries.com&dtd=28
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CB47 169 KB
52 KB 181ms
180ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3 200 9d5f24412120a376f470376f2f2984aa.js Show response
www.gstatic.com/mysidia/ Frame CB47 32 KB
13 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9d5f24412120a376f470376f2f2984aa.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 12:27:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13623
x-xss-protection: 0
last-modified: Tue, 09 May 2023 14:00:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 12 Aug 2023 12:27:27 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 64E2 35 B
462 B 340ms
103ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBrCjR8AREBn5qj_FZMTqHw&google_cver=1&google_push=ATf1kGMjfPQayiqCts1W36DslRDvtlSeM8zLlTMw6u6f7ZnwdesYQ2Xz6rPiD99YehzNrj30MCkKPs2yi3qhQHx-Z0TXUg3RzgeK

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 64E2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFJdwoakpQhf2OqqlP_Y3c4&google_cver=1&google_push=ATf1kGMdaCBiMOhfG8HHvMQr_6Ck7Jv-BXRxbHVcb1n1eWTuUYoam6qGNO98s_q8RJD129BN3Dum9WC8mEZiMEok...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMdaCBiMOhfG8HHvMQr_6Ck7Jv-BXRxbHVcb1n1eWTuUYoam6qGNO98s_q8RJD129BN3Dum9WC8mEZiMEokaPvC3wiCHcgPCA

170 B
329 B

59ms
59ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMdaCBiMOhfG8HHvMQr_6Ck7Jv-BXRxbHVcb1n1eWTuUYoam6qGNO98s_q8RJD129BN3Dum9WC8mEZiMEokaPvC3wiCHcgPCA

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 May 2023 20:16:39 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x2 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ATf1kGMdaCBiMOhfG8HHvMQr_6Ck7Jv-BXRxbHVcb1n1eWTuUYoam6qGNO98s_q8RJD129BN3Dum9WC8mEZiMEokaPvC3wiCHcgPCA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 May 2023 20:16:38 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 64E2 0
173 B 148ms
59ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEA1oV1xaLXif8ZGTM_5XCL4&google_cver=1&google_push=ATf1kGNsxZU7ms2ASKP9tXEEm_fzNHzWwb5D-GKGbSKqDj2mf5BkVgvFhcaC-43VPVTfPLFdpRkJluQIMOu8oZRKf9c_SV4ao7p1zw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=2981059394&adf=1314673024&pi=t.aa~a.942963996~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=2&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0&nras=2&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=1520&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=9guSOHAVIQ&p=https%3A//tembodiaries.com&dtd=13
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64E2
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEICuqbtuNxycjh3CC9HNNPI&google_cver=1&google_push=ATf1kGOv50jN8jcpNCG6egLFtrTGxlqmlSgbXi76Mi6CnieRUpm--hQ2YfO2LHvy7H5VP42fPp0Blvz90XvsRYzqW7LL...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEICuqbtuNxycjh3CC9HNNPI&google_cver=1&google_push=ATf1kGOv50jN8jcpNCG6egLFtrTGxlqmlSgbXi76Mi6CnieRUpm--hQ2YfO2LHvy7H5VP42fPp0Blvz90XvsRY...
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a4a9138b-d280-44c8-8df6-d576f1bc1e2d
https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google&bsw_custom_parameter=a4a9138b-d280-44c8-8df6-d576f1bc1e2d
https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=2eaac9e5-197a-46ee-82db-64e37a6c8333&user_group=1&ssp=google&bsw_param=a4a9138b-d280-44c8-8df6-d576f1bc1e2d
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOv50jN8jcpNCG6egLFtrTGxlqmlSgbXi76Mi6CnieRUpm--hQ2YfO2LHvy7H5VP42fPp0Blvz90XvsRYzqW7LLbGzz76KGlQ&google_hm=pKkTi9KARMiN9tV28bweLQ==

170 B
188 B

58ms
58ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOv50jN8jcpNCG6egLFtrTGxlqmlSgbXi76Mi6CnieRUpm--hQ2YfO2LHvy7H5VP42fPp0Blvz90XvsRYzqW7LLbGzz76KGlQ&google_hm=pKkTi9KARMiN9tV28bweLQ==

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ATf1kGOv50jN8jcpNCG6egLFtrTGxlqmlSgbXi76Mi6CnieRUpm--hQ2YfO2LHvy7H5VP42fPp0Blvz90XvsRYzqW7LLbGzz76KGlQ&google_hm=pKkTi9KARMiN9tV28bweLQ==
date: Mon, 15 May 2023 20:16:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 64E2
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIDQSKd7HbICJTM5SSKUSrU&google_cver=1&google_push=ATf1kGM0BPUmEwcISQUdwUa0AWWCemEBKMiB5GzVUFpjt1MhOsyoBrvOIvKgSGRX33k9jEXCrQOJ9AYS...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIDQSKd7HbICJTM5SSKUSrU&google_cver=1&google_push=ATf1kGM0BPUmEwcISQUdwUa0AWWCemEBKMiB5GzVUFpjt1MhOsyoBrvOIvKgSGRX33k9jEXCrQO...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg1ODM4MDMyNTk4Mjc4Mjg3Ng&google_push=ATf1kGM0BPUmEwcISQUdwUa0AWWCemEBKMiB5GzVUFpjt1MhOsyoBrvOIvKgSGRX33k9jEXCrQOJ9A...

170 B
232 B

57ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg1ODM4MDMyNTk4Mjc4Mjg3Ng&google_push=ATf1kGM0BPUmEwcISQUdwUa0AWWCemEBKMiB5GzVUFpjt1MhOsyoBrvOIvKgSGRX33k9jEXCrQOJ9AYS3e1EujII15bmar0Xt2E9QQ

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTg1ODM4MDMyNTk4Mjc4Mjg3Ng&google_push=ATf1kGM0BPUmEwcISQUdwUa0AWWCemEBKMiB5GzVUFpjt1MhOsyoBrvOIvKgSGRX33k9jEXCrQOJ9AYS3e1EujII15bmar0Xt2E9QQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 64E2
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIfs9sXMTLpOHxm83Jj_3Hw&google_cver=1&google_push=ATf1kGM6DkSesBRvW9dCKY7caXS4pf9n5Jcwe7j2s8Lnfay1ReIeQ80osZpC78aY3cFijQduYxx...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQUNYU1otTi1HREFO&google_push=ATf1kGM6DkSesBRvW9dCKY7caXS4pf9n5Jcwe7j2s8Lnfay1ReIeQ80osZpC78aY3cFijQduYxxYkpFt8D9OE1cK1p0GYJdmNZ2F

170 B
232 B

55ms
53ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQUNYU1otTi1HREFO&google_push=ATf1kGM6DkSesBRvW9dCKY7caXS4pf9n5Jcwe7j2s8Lnfay1ReIeQ80osZpC78aY3cFijQduYxxYkpFt8D9OE1cK1p0GYJdmNZ2F

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQUNYU1otTi1HREFO&google_push=ATf1kGM6DkSesBRvW9dCKY7caXS4pf9n5Jcwe7j2s8Lnfay1ReIeQ80osZpC78aY3cFijQduYxxYkpFt8D9OE1cK1p0GYJdmNZ2F
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 64E2
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEB0L-l9h4Ml_S8TnsYO77pY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEB0L-l9h4Ml_S8TnsYO77pY&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB0L-l9h4Ml_S8TnsYO77pY&google_hm=ZGKTJ1dZ-HGug29w4MKdQAAADSUAAAAB&google_nid=index&google_push=ATf1kGPulN5VjlH1jX0PNpHrDb55gNrPA7xd3...

170 B
188 B

58ms
58ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB0L-l9h4Ml_S8TnsYO77pY&google_hm=ZGKTJ1dZ-HGug29w4MKdQAAADSUAAAAB&google_nid=index&google_push=ATf1kGPulN5VjlH1jX0PNpHrDb55gNrPA7xd3tH8rLJzMtsgY-cupUxl4RTjX4dDqQux1b_l09jRWWT3Pkvew1YeSetwPO0sUDfu_w

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 20:16:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEB0L-l9h4Ml_S8TnsYO77pY&google_hm=ZGKTJ1dZ-HGug29w4MKdQAAADSUAAAAB&google_nid=index&google_push=ATf1kGPulN5VjlH1jX0PNpHrDb55gNrPA7xd3tH8rLJzMtsgY-cupUxl4RTjX4dDqQux1b_l09jRWWT3Pkvew1YeSetwPO0sUDfu_w
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 64E2 0
40 B 204ms
52ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JtZc9xqQzzpk8akKPajksSZk0KmYYw-B1z1pE9aKDT8Yrdn9pgwo4qrIiLgeX1eRcH9SH1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CB47 0
0 90ms
89ms Fetch
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ciok4J5NiZMTBDZOxnAe3gJ2oB-Lrvs5ws_rS-rER7L7mgaE7EAEgyKWelQFgu4aAgNAKoAGfpomjKcgBCakCuEm_tTNnsj6oAwHIA8sEqgTUAU_QyK3AoWQZJHtkRbp8qd23pEB3QPqmekmnSeuBp6fxP6ZiXpxqz7J97n_HGHHoPNMsfUKSQUIkQkNnKHq88tqQQ6uYUC4PIqkdC5_fD6HN29EbWDVpPzdC0Cvz8BL3BhleLuynsVcd3UQOA_Z3fSh5tPw-Je-Fxs7_RPDJY_TVNTRsBA3tGXAIFf_W0kV_jWRgls8o49VCOd23lBi0qmeQ_SgotEOSFjyX32mxiYc0Q1dcvbLvKnciLvOXvQ-mbTyHxaq9OfZTGcGZGHdWa5tfARVcwATJjLWltgSSBQQIBBgBkgUECAUYBKAGLoAHsoTwnwSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDQ5QjSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsBuBPkA9gTDdAVAYAXAbIXHAoaCAASFHB1Yi03MjQ4MDU5MTcwNzI1MDg2GAA&sigh=15sT6MLfhGk&uach_m=[UACH]&cid=CAQSPABygQiDkQGldNv-I9llZpJDOwZgp8kbxSPumVcklxBJNTEadFi8KnZC1txhO3lJ3BQBhW1828RdZPJXnhgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=240&adk=1680120736&adf=1506310497&pi=t.aa~a.2571972425~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x240&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600%2C300x600&nras=4&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=4014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=HhHfxfW07n&p=https%3A//tembodiaries.com&dtd=28
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 20:16:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/1548772484755484079/ Frame CB47 16 KB
16 KB 61ms
61ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1548772484755484079/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b9d09ae062a3e808cf7372cff57567cd919051bd844d928ec0ac1e3332a283b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 07:09:35 GMT
x-content-type-options: nosniff
age: 220024
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16598
x-xss-protection: 0
last-modified: Fri, 07 Apr 2023 09:41:39 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 May 2024 07:09:35 GMT

GET
DATA 200
OK truncated
/ Frame CB47 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 17620739369674195504
tpc.googlesyndication.com/simgad/ Frame B632 68 KB
68 KB 59ms
59ms Image
image/png 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17620739369674195504?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qm3Ps9bfagmPHvZ9VdDiVMNF045sg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=265150395&adf=3640588185&pi=t.aa~a.3537654196~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ic6FnWW5X8&p=https%3A//tembodiaries.com&dtd=25

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f99681320f8d8ad2793dcfc06983d693857388ed42317fa4a3c8fba159c256d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:28:00 GMT
x-content-type-options: nosniff
age: 539319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69379
x-xss-protection: 0
last-modified: Mon, 01 May 2023 20:19:07 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 May 2024 14:28:00 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame B632 22 KB
9 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33838
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 10:52:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B632 3 KB
1 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:31:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6328
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:31:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B632 19 KB
8 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:20:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 28541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7937
x-xss-protection: 0
server: cafe
etag: 2499949999788435271
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 12:20:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B632 0
0 66ms
66ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSB_gW77j54weU9gSMjNskT646Nd8M1p3MX9bTrn-qFun5-xtnfiPIdckc2luusQ-1XUE1HZ_wxMErQ_p10wzJa-RgSPQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=265150395&adf=3640588185&pi=t.aa~a.3537654196~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ic6FnWW5X8&p=https%3A//tembodiaries.com&dtd=25
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B632 169 KB
52 KB 159ms
159ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53545
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1683718549123860"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame B632 32 KB
13 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:32:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13044
x-xss-protection: 0
server: cafe
etag: 498276857413144450
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:32:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F9FA 1 KB
643 B 54ms
53ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 33146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Tue, 16 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CB47 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f678e23975d8a4b9ef06d609eda5056d2cdd3014d60cfeba393661300cd100f4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame A1CA 37 KB
14 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168139
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B111 143 B
166 B 49ms
43ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=265150395&adf=3640588185&pi=t.aa~a.3537654196~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ic6FnWW5X8&p=https%3A//tembodiaries.com&dtd=25
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 343
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:10:56 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E636 1 KB
643 B 49ms
48ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 33146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 11:04:13 GMT
etag: 48472445140208031
expires: Tue, 16 May 2023 11:04:13 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2DF8 0
20 B 155ms
153ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoSCAEqDmNlbnRlcmVkLWltYWdlCgoIAioGc2VydmVyChUIBCoRbXlzaWRpYV9hbmFseXRpY3MKDRAQIQAAAABA_-FAMAQKDRARIQAAAADg_vFAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAAAhAMAQKDRAXIQAAAGZm3otAMAQKDRAUIQAAAADAYfpAMAQKDRAVIQAAAAAAACpAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAAAAAaI1AMAQKDRAyIQAAAAAA0GZAMAQKDRAzIQAAAAAA4GZAMAQKDRA0IQAAAAAA4GZAMAQKDRA1IQAAAAAA4GZAMAQKDRA2IQAAAAAA4GZAMAQKDRA3IQAAAAAA4GZAMAQKDRA4IQAAAAAAcGdAMAQKDRA5IQAAAJqZgYJAMAQKDRA6IQAAAGZmRoNAMAQKDRA7IQAAAMzM2ItAMAQKDRA8IQAAAMzM2ItAMAQKDRA9IQAAADIz34tAMAQKDRA-IQAAADIzJ41AMAQKDRA_IQAAADIzJ41AMAQKDRBAIQAAAAAAfI1AMAQSGkNNRFhnSS1TLVA0Q0ZhdElGUWdkVEl3Rld3IiBpbWFnZS9pbWFnZV9ub25faW50ZXJzdGl0aWFsX29jaCgj

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/044a83e5da670341b3efea50f0ca4b53.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F9FA
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK73hhrvKflV6jZVSCGoNlw&google_cver=1&google_push=ATf1kGPRjKl7h13JN4GfjDy3brLsZj-7w2JNi0y9qKenFN8wRbSOKOo5nvcv99mK3H_1fl1HKPlisa4oIjf9F_H8BMaN0DfqeqNR
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzY4MDM0MjU5ODI4OTMxNzY3OQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1

43 B
398 B

172ms
89ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F9FA
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJkROlsu2pArsb26uaBL2U&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELJkROlsu2pArsb26uaBL2U&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a3RDcm1UNmkxUFlFQ0E1&google_gid=CAESELJkROlsu2pArsb26uaBL2U&google_cver=1&google_push=ATf1kGNiq1jXssWqFv0IKnezSXiXx_Pv0k7eJWUCrwvPiNB...

170 B
188 B

55ms
55ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a3RDcm1UNmkxUFlFQ0E1&google_gid=CAESELJkROlsu2pArsb26uaBL2U&google_cver=1&google_push=ATf1kGNiq1jXssWqFv0IKnezSXiXx_Pv0k7eJWUCrwvPiNB5yARTjdXEN4t2MwZNH7OE2hMagSyFS1sMsnb0uYn4tQWgxiOcSfvDtA

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 20:16:39 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-777-g304ac51#rel-ec2-master i-03b3f67f69a828fdc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=a3RDcm1UNmkxUFlFQ0E1&google_gid=CAESELJkROlsu2pArsb26uaBL2U&google_cver=1&google_push=ATf1kGNiq1jXssWqFv0IKnezSXiXx_Pv0k7eJWUCrwvPiNB5yARTjdXEN4t2MwZNH7OE2hMagSyFS1sMsnb0uYn4tQWgxiOcSfvDtA
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F9FA 70 B
265 B 209ms
97ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN4NnhfFhEh1jJ5ltim_FcI&google_cver=1&google_push=ATf1kGO6I38Noi0IXjHI6HQwnlLsTVFIvwfmibCTlGWws2skBfblzaGt_6tOg9qe2Q6OtIyu34VpOf3fnitcoytUZn7Fuu79_mJqFA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=240&adk=1680120736&adf=1506310497&pi=t.aa~a.2571972425~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x240&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=1&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600%2C300x600&nras=4&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=4014&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=HhHfxfW07n&p=https%3A//tembodiaries.com&dtd=28
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F9FA
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBrm92In4e_ABUT7xVOl3gg&google_cver=1&google_push=ATf1kGNzx9p1qFATdDNHfpiaS_FPU91Vzr97rz5-0E1kPG_PQaTnNjHL1jR4Kqqf8atwIEKQbN5UDbz_3SBksn1eBFQZ-XZ...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNzx9p1qFATdDNHfpiaS_FPU91Vzr97rz5-0E1kPG_PQaTnNjHL1jR4Kqqf8atwIEKQbN5UDbz_3SBksn1eBFQZ-XZH3g9PvQ&google_hm=eS1Ob0ZTNUlkRTJwRlp0...

170 B
188 B

56ms
55ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNzx9p1qFATdDNHfpiaS_FPU91Vzr97rz5-0E1kPG_PQaTnNjHL1jR4Kqqf8atwIEKQbN5UDbz_3SBksn1eBFQZ-XZH3g9PvQ&google_hm=eS1Ob0ZTNUlkRTJwRlp0WlhCNWtpNm9GTkJhU2dpM1B3RH5B

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 20:16:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGNzx9p1qFATdDNHfpiaS_FPU91Vzr97rz5-0E1kPG_PQaTnNjHL1jR4Kqqf8atwIEKQbN5UDbz_3SBksn1eBFQZ-XZH3g9PvQ&google_hm=eS1Ob0ZTNUlkRTJwRlp0WlhCNWtpNm9GTkJhU2dpM1B3RH5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F9FA
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEBtP_BjzENBXZFZVKWHH-K8&google_cver=1&google_push=ATf1kGN_14mNHlJ2PrhtORpDN0zMFlXNi6jmNWuAsnjj87cPw76U3GZ7IMqKjWtxNjWvb8yOS9ep0prg...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEBtP_BjzENBXZFZVKWHH-K8&google_cver=1&google_push=ATf1kGN_14mNHlJ2PrhtORpDN0zMFlXNi6jmNWuAsnjj87cPw76U3GZ7IMqKjWtxNjWvb8yOS9e...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYwNzY1ODE3NDA4MzE4MTY0Mg&google_push=ATf1kGN_14mNHlJ2PrhtORpDN0zMFlXNi6jmNWuAsnjj87cPw76U3GZ7IMqKjWtxNjWvb8yOS9ep0p...

170 B
232 B

57ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYwNzY1ODE3NDA4MzE4MTY0Mg&google_push=ATf1kGN_14mNHlJ2PrhtORpDN0zMFlXNi6jmNWuAsnjj87cPw76U3GZ7IMqKjWtxNjWvb8yOS9ep0prgtRko_jrhY17-XsnDtF77aA

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzYwNzY1ODE3NDA4MzE4MTY0Mg&google_push=ATf1kGN_14mNHlJ2PrhtORpDN0zMFlXNi6jmNWuAsnjj87cPw76U3GZ7IMqKjWtxNjWvb8yOS9ep0prgtRko_jrhY17-XsnDtF77aA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame F9FA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGvrYCzUIeGzJWW8PDkdsIs&google_cver=1&google_push=ATf1kGPLdj1kl8-TQgKdT4o5qpUONy7dN3VB2LYwVFYetP9gpaUub2HrzmyDIXuUMKIWsJ4frd4...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQUNYVVotMTAtSlZYVQ==&google_push=ATf1kGPLdj1kl8-TQgKdT4o5qpUONy7dN3VB2LYwVFYetP9gpaUub2HrzmyDIXuUMKIWsJ4frd4c6tDqnp2QKpAmOipGvQQvKyvxqg

170 B
232 B

55ms
54ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQUNYVVotMTAtSlZYVQ==&google_push=ATf1kGPLdj1kl8-TQgKdT4o5qpUONy7dN3VB2LYwVFYetP9gpaUub2HrzmyDIXuUMKIWsJ4frd4c6tDqnp2QKpAmOipGvQQvKyvxqg

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEhQQUNYVVotMTAtSlZYVQ==&google_push=ATf1kGPLdj1kl8-TQgKdT4o5qpUONy7dN3VB2LYwVFYetP9gpaUub2HrzmyDIXuUMKIWsJ4frd4c6tDqnp2QKpAmOipGvQQvKyvxqg
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F9FA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEABQ-ozaVs5uW9HRcnig6g0&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEABQ-ozaVs5uW9HRcnig6g0&google_push=AT...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEABQ-ozaVs5uW9HRcnig6g0&google_hm=ZGKTKFdZ-HGug29w4MKdQQAADSUAAAIB&google_nid=index&google_push=ATf1kGNlaFT_5QNYmT9c2xWLZaCrcXp74onWh...

170 B
188 B

58ms
57ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEABQ-ozaVs5uW9HRcnig6g0&google_hm=ZGKTKFdZ-HGug29w4MKdQQAADSUAAAIB&google_nid=index&google_push=ATf1kGNlaFT_5QNYmT9c2xWLZaCrcXp74onWhwVt7i1Q3Fn4p_1vgN6PxU8rOn_SIQmLA6EYLH8Ded4CwuWFG6THfcK8-dY7qqUlQA

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 20:16:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEABQ-ozaVs5uW9HRcnig6g0&google_hm=ZGKTKFdZ-HGug29w4MKdQQAADSUAAAIB&google_nid=index&google_push=ATf1kGNlaFT_5QNYmT9c2xWLZaCrcXp74onWhwVt7i1Q3Fn4p_1vgN6PxU8rOn_SIQmLA6EYLH8Ded4CwuWFG6THfcK8-dY7qqUlQA
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F9FA 0
130 B 54ms
50ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KChy82G0Y_W9TyHtAdT4TgBF2tIv7bgAaTTK7UIb6bgMa-ma2li6xWr_u1NUnAjZyncN9A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:39 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame B632 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cd64efdf5cf893ce3a7e83c67665bb841bb6537e8284b9776f3240725cc6769

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame E636
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1&google_push=ATf1kGMJpEgNMV1MORfIW1osQmyx-qoQY-ghHTtVacfP0NsuHe-hWli8VB1Hjv-SAdkzxpOlqDVZN7NEMDAbqoeD1_5ESx4JzQq8jQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI4Mjk0MDgyNTIwOTAwMzgyMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1

43 B
398 B

171ms
90ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEB-b0hbkDhwgm7O_6SRArZE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame E636 35 B
463 B 106ms
103ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAFuAoMOi1qiQjfEE6VedrE&google_cver=1&google_push=ATf1kGOHFZbXr5YLJyuj_9NJmVUNsqRR-IUIsi6ODFT1N-nWqR4ltTLiHTjoIv5ZDsKmYwXr-QsD3GSo792GwZ2711vWS1JaxYT3cQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E636
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEFGCYQlvMWVhAAP2Apyy8Jc&google_cver=1&google_push=ATf1kGPePfJYC8DrpLwPS0MaB0Kh7y7M8aLXV2D2GSSQnpnRIrJqXlaqm4z_pODPJ5pUbNFylGJmzr_GUUdYirdA...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=xIVkYpMoRwC0cfTL0yQUYw&google_push=ATf1kGPePfJYC8DrpLwPS0MaB0Kh7y7M8aLXV2D2GSSQnpnRIrJqXlaqm4z_pODPJ5pUbNFylGJmzr_GUUdYirdA9tE3DVMV...

170 B
188 B

59ms
59ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=xIVkYpMoRwC0cfTL0yQUYw&google_push=ATf1kGPePfJYC8DrpLwPS0MaB0Kh7y7M8aLXV2D2GSSQnpnRIrJqXlaqm4z_pODPJ5pUbNFylGJmzr_GUUdYirdA9tE3DVMV1VTAHZE

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 15 May 2023 20:16:40 GMT
Server: MT3 851 9bd98ae master zrh-pixel-x30 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=xIVkYpMoRwC0cfTL0yQUYw&google_push=ATf1kGPePfJYC8DrpLwPS0MaB0Kh7y7M8aLXV2D2GSSQnpnRIrJqXlaqm4z_pODPJ5pUbNFylGJmzr_GUUdYirdA9tE3DVMV1VTAHZE
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 15 May 2023 20:16:39 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E636
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMFEry1y-X2NfOWxGKspbWE&google_push=ATf1kGOn4WMynXIUUNH3TQkPgaW6vdVDNFjka_jtVteptw5J5kwHYLN_aa...

170 B
188 B

56ms
56ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMFEry1y-X2NfOWxGKspbWE&google_push=ATf1kGOn4WMynXIUUNH3TQkPgaW6vdVDNFjka_jtVteptw5J5kwHYLN_aatzSjjt2afOVXapZa-g8SOR_SqSA-1QhEcb9bFiKsXJFSE

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-man4129-MAN
pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1684181800.123908,VS0,VE83
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEMFEry1y-X2NfOWxGKspbWE&google_push=ATf1kGOn4WMynXIUUNH3TQkPgaW6vdVDNFjka_jtVteptw5J5kwHYLN_aatzSjjt2afOVXapZa-g8SOR_SqSA-1QhEcb9bFiKsXJFSE
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E636
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDHuI8W94-4ym0_N9KdFm4M&google_cver=1&google_push=ATf1kGPjv9cVFPlqVcaG9ezYtb3P-LK5IYnFq2snHK7_yzjEufldEJkVYpao9O3Bk0Eac48_juOlM8ORnAHYGjdpu7IbCym...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPjv9cVFPlqVcaG9ezYtb3P-LK5IYnFq2snHK7_yzjEufldEJkVYpao9O3Bk0Eac48_juOlM8ORnAHYGjdpu7IbCymbs799d-I&google_hm=eS1LZUx5NmVsRTJwSFB...

170 B
188 B

54ms
53ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPjv9cVFPlqVcaG9ezYtb3P-LK5IYnFq2snHK7_yzjEufldEJkVYpao9O3Bk0Eac48_juOlM8ORnAHYGjdpu7IbCymbs799d-I&google_hm=eS1LZUx5NmVsRTJwSFBHOFVwaGlMbWt3MG5jdzQ2Lldnan5B

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 15 May 2023 20:16:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ATf1kGPjv9cVFPlqVcaG9ezYtb3P-LK5IYnFq2snHK7_yzjEufldEJkVYpao9O3Bk0Eac48_juOlM8ORnAHYGjdpu7IbCymbs799d-I&google_hm=eS1LZUx5NmVsRTJwSFBHOFVwaGlMbWt3MG5jdzQ2Lldnan5B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame E636 43 B
245 B 119ms
37ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMjWMWzynqmCKVGIyvhjqx4&google_cver=1&google_push=ATf1kGNV3o6ZAPhgc6yzZT9AXkTCvAKW6KE8eUWzVf6xE9zYFCVixaSf2mrFaGyMbATcPLzmW1unA1eUpykszKhCeHgV8Dp31dV_Pw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=265150395&adf=3640588185&pi=t.aa~a.3537654196~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ic6FnWW5X8&p=https%3A//tembodiaries.com&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E636
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELqGIIaaM-1wmwfkjEoLcuc&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELqGIIaaM-1wmwfkjEoLcuc&google_hm=ZGKTJ1dZ-HGug29w4MKdQAAADSUAAAAB&google_nid=index&google_push=ATf1kGPX8TbbUv46vjYlsTIUnL8_WpeqW4b9_...

170 B
188 B

59ms
58ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELqGIIaaM-1wmwfkjEoLcuc&google_hm=ZGKTJ1dZ-HGug29w4MKdQAAADSUAAAAB&google_nid=index&google_push=ATf1kGPX8TbbUv46vjYlsTIUnL8_WpeqW4b9_vr-y02hOPB1FY7zq94E0hanVSGfHei0_Xs6Xbhe7jmeLcn5w2QfgbQFqmim2-63niQ

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 15 May 2023 20:16:40 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELqGIIaaM-1wmwfkjEoLcuc&google_hm=ZGKTJ1dZ-HGug29w4MKdQAAADSUAAAAB&google_nid=index&google_push=ATf1kGPX8TbbUv46vjYlsTIUnL8_WpeqW4b9_vr-y02hOPB1FY7zq94E0hanVSGfHei0_Xs6Xbhe7jmeLcn5w2QfgbQFqmim2-63niQ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 0
Expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E636 0
49 B 52ms
50ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2eHB37EsolUVkQVJp8QvAm2Ve73ZGYGpJIKg9-FeI5JnVIghQY6S0ywoIdGWmQV7FpNDg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:16:40 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B111
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

59ms
59ms

Document
text/html

2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:16:40 GMT
expires: Mon, 15 May 2023 20:16:40 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:16:40 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB47 15 KB
16 KB 149ms
53ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 06:22:44 GMT
x-content-type-options: nosniff
age: 222836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 May 2024 06:22:44 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB47 15 KB
16 KB 137ms
43ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 23:14:12 GMT
x-content-type-options: nosniff
age: 248548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 11 May 2024 23:14:12 GMT

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame EFDA 37 KB
14 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B632 0
19 B 87ms
86ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CgVU2J5NiZK3HCdi_1fAPlvSS6A7rup_OcPyYhJuKEZfiwaOPDhABIMilnpUBYLuGgIDQCqABgcmv1APIAQKoAwHIA8kEqgTaAU_QT7-ITGnK8MXRO0Ewc8-EHZZUFOS-HnjRpw345qOvthAFvTuGpL69MPyGtcAr0mNe2exTUioMZY6Fmsk6AMXMb56zhoNmkwAiAxeu5djoaxmS0_nbRw787GR5X-gyD474nj0ZRz3KkePCqaXMLsk7C2SEw-j0I0xTVTpi4ExUd7KedmDE53H_odkrMOuVL29s9t7fX8VyvgDz5Fu7F3hz96nhZ3kslKbYmUWdje90mi7onJugqp3h7FVX5x7zXpqYpPAHeBbuYKFwCoeRINLMPpgPFu64LCMzwATk6-_krwSSBQQIBBgBkgUECAUYBKAGAoAHruWQqQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRDLp_0B0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOoAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi03MjQ4MDU5MTcwNzI1MDg2GAA&sigh=QSUSpygCXMA&uach_m=[UACH]&cid=CAQSPABygQiDmfdR1PgxOL_a_lH7Vv2b0ZMyznO9k9rVX3h9B4BcVo7HyiVumxw7jsnjVon4Qfri7XEvi-MmYBgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7248059170725086&output=html&h=600&adk=265150395&adf=3640588185&pi=t.aa~a.3537654196~rp.4&w=300&fwrn=4&fwrnh=100&lmt=1684181798&rafmt=1&to=qs&pwprc=3400730048&format=300x600&url=https%3A%2F%2Ftembodiaries.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=4&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684181798905&bpp=1&bdt=2452&idt=-M&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db416f3bb9ad9d97e-222c63f5d4dd00a7%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA&gpic=UID%3D00000c15cbf8dffd%3AT%3D1684181797%3ART%3D1684181797%3AS%3DALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ&prev_fmts=0x0%2C300x600&nras=3&correlator=4034685720181&frm=20&pv=1&ga_vid=476766829.1684181797&ga_sid=1684181797&ga_hid=779361662&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1070&ady=2821&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759927%2C44759876%2C44759842%2C44773809%2C31071755%2C31074198%2C31074602%2C44788442%2C44792088&oid=2&pvsid=2068310428613037&tmod=1489830012&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ic6FnWW5X8&p=https%3A//tembodiaries.com&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 15 May 2023 20:16:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 154ms
153ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=2068310428613037&bg=!SkmlSR3NAAYldGN0BXQ7ADkAdvg8Wp24Eyh-Uqz3qOkSZYj5rXjnGAfGVXwn9ob0F7iwbfBCmyYV0jTcfCftldkGLh7OqJcW-JACAAAAv1IAAAABaAEHmQKgj5lS-ZzF3tEvBOunbHYvjpUA6YAvkOJThNzz1sFLmzgYL9eFfUwpVCKA21zhHGRqiWDeWuH88IGRngoUKtp1GEHauPMfC_9nCRmhZg7RkvEyEIyPCItoU6CD7UaxTZgBODS3elRRrRD5tvXyRkFCXCNCv53V39wIGQFZgJ6Sv3Zq8pS3C1SC_fYWtsdMM-kYhWPxu5ToiAF0sxHMsAzpYz9iCc5HIJYwgeWworrEYaSAOFTdB_ljtliyFT-zQfsNihE5g02rYFPPE_fxD0Zzf4f_CKA-XIo_TiRxFa2KdEwgrsPSY1bWtNLpKUjb8JwMDS9JvG7oFAoKG5AqXvzk1SwtYTLpsV1QJES9siTNVF-HtxYXrV-Yvl3NKbtKQwBZFGeX2eWX-RR8JTp62Z1v2m34Y7IOKFntw1POAt3MaM9uqFamfIZyZQfJoeeEOY9uoXEWsxWGjSp7D5ui7sB93ef2iuJ7sGHTV9uusIKR_tVpTU47l7S35QQ1tyg-Tjod7zQ_3Oa33xGhnynKFmv45VMr8l3YRCKp-D_nCXCtM50SQN42wUFEkQ4JKKcJ6EMpX9UcLepj1PokwOKNzXVawszovaqfX0X9wH62ZAT91IX0F1vtVGx2Q4CyzmN0bIL44ijquh7zvXY7Xchfy_0dzLasI4W4PwPdiwF6_O7aJfyRhxewyHa2aPG8YAQ-us5afx41VJqy_CgAtE-6VSstszCz04lBtB2foF9eDQS-HPbgSfytxX-tCiZOSzdZACKqwChsTaUqwEig1L6SmMa_LTjHN1Lz6SSm2Se3DqRK4FO654EBJElw_yvMBW1FX1EkqyqZ0op6emF0az6hj2SMDG0cN5xdfZcTlRJMsFbvbu0YC_ENyqEGKJAjha4AsYSs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tembodiaries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame F8EB 37 KB
14 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 168140
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame ED22 42 B
64 B 166ms
166ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuns3Ielhz6SF6iLUX1EaqJrcEW321HUykTYQ5fxwln-Fgd8EVP5G91nT9Oy47V0Q2rIgb6_0bM4AyHRL_UHF5pcT5xtnzk_IrbY4llCxoFu3Zgei2H2O4QbHFrb_60FvwcJHuEcQ&sai=AMfl-YSICGxJy9v2kHL0TGJWpZPyJsCcG4zps3pvjniM36y79eXln7d_92tOHuhZFV8HHAhC283b42whFyMo&sig=Cg0ArKJSzG4b2hO3Xdp4EAE&cid=CAQSGwBygQiD7aHUFqxYXeby9Bxx1FQSYHcJjdjkcRgB&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=185,847,1000,1000,1000&tos=185,662,153,0,0&v=20230510&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684181799032&rpt=485&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 15 May 2023 20:16:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tembodairies.com
URL: https://tembodairies.com/wp-content/uploads/2022/03/me.jpg

Domain: tembodairies.com
URL: https://tembodairies.com/wp-content/uploads/2022/02/footer-logo.png

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tembodiaries.com/	1970-01-20 21:25:41	Name: _ga_DTZ7ZNYFR1 Value: GS1.1.1684181797.1.0.1684181797.0.0.0
.tembodiaries.com/	1970-01-20 21:25:41	Name: _ga_V6TL6X110B Value: GS1.1.1684181797.1.0.1684181797.0.0.0
.tembodiaries.com/	1970-01-20 21:25:41	Name: _ga Value: GA1.2.476766829.1684181797
.tembodiaries.com/	1970-01-20 11:51:08	Name: _gid Value: GA1.2.280934042.1684181797
.tembodiaries.com/	1970-01-20 11:49:41	Name: _gat_gtag_UA_222714788_1 Value: 1
.tembodiaries.com/	1970-01-20 21:11:17	Name: __gads Value: ID=b416f3bb9ad9d97e-222c63f5d4dd00a7:T=1684181797:RT=1684181797:S=ALNI_MYHuEwmDgbuAN1L9P09p3N-68L-vA
.tembodiaries.com/	1970-01-20 21:11:17	Name: __gpi Value: UID=00000c15cbf8dffd:T=1684181797:RT=1684181797:S=ALNI_MYY_7AxYEMpaSooacr4EyMxX6AOWQ
.doubleclick.net/	1970-01-20 21:11:17	Name: IDE Value: AHWqTUk9TLsdVzSNOhjFWhpw1MPwnQuh0C-75a_WEx2ApvJ3C0Ej1j3W0EXUGc3tOI4
.blismedia.com/	1970-01-20 20:35:21	Name: b Value: 646293270BEBD75A133B3F79BLIS
.bidswitch.net/	1970-01-20 20:35:17	Name: tuuid Value: a4a9138b-d280-44c8-8df6-d576f1bc1e2d
.bidswitch.net/	1970-01-20 20:35:17	Name: c Value: 1684181799
.adform.net/	1970-01-20 12:34:20	Name: C Value: 1
.mathtag.com/	1970-01-20 21:15:37	Name: uuid Value: c4856462-9328-4700-b471-f4cbd3241463
.mathtag.com/	1970-01-20 12:32:53	Name: mt_mop Value: 4:1684181800
.casalemedia.com/	1970-01-20 13:59:17	Name: CMPS Value: 3365
.casalemedia.com/	1970-01-20 13:59:17	Name: CMPRO Value: 3365
.bidswitch.net/	1970-01-20 20:35:17	Name: tuuid_lu Value: 1684181800
.adform.net/	1970-01-20 13:16:05	Name: uid Value: 7607658174083181642
.quantserve.com/	1970-01-20 13:59:17	Name: d Value: EE8BCQH_KIEA
.quantserve.com/	1970-01-20 21:19:56	Name: mc Value: 64629328-0c944-f0ee9-278ea
.yahoo.com/	1970-01-20 20:35:39	Name: A3 Value: d=AQABBCiTYmQCEDVordeE7l1meZEE7GyW9sMFEgEBAQHkY2RsZAAAAAAA_eMAAA&S=AQAAAvvIUuGMwpqx1T5ufz3hH7Y
.doubleclick.net/	1970-01-20 11:49:45	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 20:35:17	Name: CMID Value: ZGKTKFdZ.HGug29w4MKdQQAA
.w55c.net/	1970-01-20 21:21:22	Name: wfivefivec Value: ktCrmT6i1PYECA5
.everesttech.net/	1970-01-20 20:35:17	Name: everest_g_v2 Value: g_surferid~ZGKTKAAKW8Bz_wBa
.w55c.net/	1970-01-20 12:32:53	Name: matchgoogle Value: 5
.turn.com/	1970-01-20 16:08:53	Name: uid Value: 3680342598289317679
pool.admedo.com/	1970-01-20 20:35:17	Name: tuuid Value: 2eaac9e5-197a-46ee-82db-64e37a6c8333
pool.admedo.com/	1970-01-20 20:35:17	Name: c Value: 1684181800
pool.admedo.com/	1970-01-20 20:35:17	Name: tuuid_lu Value: 1684181800

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://tembodairies.com/wp-content/uploads/2022/03/me.jpg Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://tembodairies.com/wp-content/uploads/2022/02/footer-logo.png Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1#RS-2-&adk=1812271804&client=ca-pub-7248059170725086&fa=4&ifi=8&uci=a!8&btvi=6&xpc=fiKafgsasF&p=https%3A//tembodiaries.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271803&client=ca-pub-7248059170725086&fa=3&ifi=7&uci=a!7&btvi=5&xpc=QV84zA2pZj&p=https%3A//tembodiaries.com Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.co.uk
adservice.google.com
assets.eddytravels.com
c1.adform.net
cm.g.doubleclick.net
cms.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
match.adsrvr.org
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
sitkatheme.com
ssum-sec.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
tembodairies.com
tembodiaries.com
tpc.googlesyndication.com
tr.blismedia.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
tembodairies.com
142.250.186.130
151.101.130.49
162.241.173.223
18.195.62.93
185.29.132.245
185.61.152.73
185.80.39.216
2001:4860:4802:32::36
2001:678:cb4:bbbb::11
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:801::2001
2a00:1450:4001:802::2004
2a00:1450:4001:803::2002
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:831::2008
2a00:1450:4001:831::200a
2a05:d018:d29:3601:486e:86f2:9a46:8bb5
2a06:98c1:3121::3
3.73.102.15
34.96.105.8
35.186.253.211
35.210.53.219
35.71.131.137
37.157.6.237
69.173.144.165
01dcaf85f2ae23a30115cf4a663e90b4a507dc688c4c17f9ebddc3cf19fee780
07f79fbda35a2bf03f2940978670a2a53cf21e490ecce887bf92fc2e3f359293
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be1dc437a2097b866a07da7fc075e91d83240665d0b1f55e25d7b05541cf243
1060091178cbd6c843b802f516f230f1a3a1e85f1afbd6ef84d80e5430ba457e
10a4b67dc9c10e8f5342dfa38651fbc98a31d68494ec2757ceffb224cf19d229
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a8d2f55077d7bbcb9f2241680e0b17690fa220f076128926de36ac1bd5badc9
212dd68f9fa92d7045b5aed72d633678c29022f98c7d41ac68061acd505098b9
220049135e6c242896cea20cbd980419905e04e43cc5d1f9d23db3e00e25c6f9
244fec526257fcae8c63cffa313bc44a00b8c17f73c72bb6db2d5ce8108a2178
24cc28619bd1df33050f109c0757693c6972958742b7055500c8580209a8a436
2a8e5039e5c976588b0e22862e36908c11da36f83f88b9a36edfeababd6a8d15
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cd64efdf5cf893ce3a7e83c67665bb841bb6537e8284b9776f3240725cc6769
2d63d31e8d9757def2b74e30cd1f2d3b3703186806d24d1cc61d4907405063ea
2d9fd6c852b3a43aa5c69eb29e9fa47ed268027fa39689410c40106881136906
2db0a25447b543eff02741c0133150e504b3f94ab930f55232eb1ec6272ebb95
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3392a2bfde2e2f5cc474e58ae09d8f1b943618fe0c6852cacbb63fe0da455764
353893c6dfd213c596c69a8955f505ab7a0d3324a7df583b489472c7e86cc512
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
3c107b664e7305b99c2c95a67f790e5cda95ee05cc584c6045f987328ad49a6f
3d2b34675fd418a1b23c652fa791f4875ccc12860d9b4b6ec8ae4aa09d51ec1e
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
3fdd494032b50fa8af7a0711ab832c41666395c29684af462b3749ef0a016a35
42a6b24269cc07a2aea6f4aa98d40ae5ce9794f5616aef11f18dccde87a3f65f
477e598ecc74899e1f4e0616bd6799dee77772a9935fdb63e335a7f65a7f102b
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b9d09ae062a3e808cf7372cff57567cd919051bd844d928ec0ac1e3332a283b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
521b0beb670d072059a7e5c18fa60dca5fe4b9f3670dbc7cedf01043b510e050
52db930f81d97113dde679cac624cb5435b56d4ac486e91a0b6692d2cb615a84
53fe616b06697257e450892849c5549476b9ad9561743e9c846c263ea4145fd6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c58bb5c2c1e1b02e1e6a9774f68a1372bf05d830e7e11b7b4c652240014669
5d7ee9e32e90f701f657c79e05661b73662b8eae8c8d67e9385f4ecd8aeb3edb
5df54d29e2fb4e8fc620310cb28d6144c4bbf88299de5505af5b11ea6e3a7738
609fc5e29ea087675252584cd48cb656264f3fab81d1f75d7432b1eb37d9af63
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cb71f31c08ff900d8bc1a5bc75ee0a966a2bc61561e8974e445ef0941d9ff55
6cbaa503253eec78f0e0fe628b7972ac22b33fc895cb3353914051a8938801cc
729329cec82a7806eda9c7ddce604de154943174c3c2a74aef8f3d020e2ebb2d
74497491417477c52fa978f557635e23abe2f4759b78abd040cc068dc97c311d
796dc5b81d62cc89e4fe8a00eaf9fe2a41e04c6156baf7fafc326242c16ec7fa
7a4dd634379022632ee75dcfc3b0c982c74d400833e2703b104bbe8efac0d591
7c103a1aca4430cffbf0b2ae81abf09c72b8c321fc5cce20638c56961a99e408
7cb42ed8404160fff12f49f64fc98e9eb228d9ccbb6be417f513fec10b689be5
82a3f52432d45f4747280e35581c300a703d0e394425558cc648a3237e7edab6
839332017eb030355b9a67574e3cb182711a0d597d630a11410d9f798b9855f8
83c0664059afaa3621c47dc1c8e06c8bdcd2d2ed01119d412e063278bdfc7679
8a93fd39340c9bb9ee5f5e41953d2b509736bf2a5f63279ee504e3bab1815d66
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d24ced4298f437d3f3394fda398c079f2e69fb6ac06eca30b892b78634b32c0
9f7e28b619c7a244c99ce822123c155d62c6813ed77a0a1f13230f314abfb9cd
a066d3a3262e61c20c373a5f049ee09124b4e37ad12cddc37db92fa10925932c
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ff92cfb2b84dd011a5938d99369d5b8edde24e88e28ce20e369a3f8b29bf48
a2fe19e2780e03cb89ec0bae1c3ffd17489ea259c5e2d6195ebab7a31588618f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a87d58df677860830532ac74735e54fbde9ab284f114c5a5f76d0a32245b4480
ab21762c3f447aa08cbefd5ea3866165f925bd5058a9ae19e23721462de6fb60
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ad996cd4dc498256001ca41d06b2ff066431e8f72658ca0d4191fce21e29a218
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b08ff8b3ae868474c50aaac3d85f24dbb3edb03969e1db198ac5d674cdaef009
b2459d9a5364336c3285654f02caa692a70346a8c2e1911fa6b807f806c67e3c
b6d69a0a482827350621bcadaa0b2c87187938d6c540330f0b4a244d1adcdb1f
c01595a4679d6a7f2897cce0a30617b8b655985f64aa7a0b3b05d79e8f365869
c1fcdc6d7aaa08e7983e3771e4ff88a4c67c65373e6a284bc1fe5560b9499143
c3d4a2557eac67dd95aeff1dbeb60c139028083b443bbd82c2359a0dec6dcfec
cf3a9498a03d34724997b7b253cdcfb3401253088bdc7663e2cfdde1fe584375
cfce838bf08d7934a42f812673c2f6dabf547ed90f67288edd5ee14d0ec303f9
db7ed1e8ee569d76b2e60e77ab7e77b6934a880e157f4a71c8f68826500f6e3d
dcafbc92340af73c549ed2bfdbd50e1e3c62b4b7caa44eb5fbbe776066a09cc7
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
ddc56230595914b645179e44d4e5963d0599cefac150c928f4fdab13a23caf3b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44a8e5364f4d790e1c6124f175347a8b2b7aa992614818a2b49ccc59ed6de0a
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
eee21433abeedd0decc0113081c0c04a14881f5499f470ac81fcb41c9978d555
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef9c24e9283aeb9681eddde538642816aa7b981dae1fd839d4c61647929cae65
f15c0e6e911cc7b11c95c9f60b60e5cc0326d7261d3c523899cf47dab4597a33
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f678e23975d8a4b9ef06d609eda5056d2cdd3014d60cfeba393661300cd100f4
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f99681320f8d8ad2793dcfc06983d693857388ed42317fa4a3c8fba159c256d7
fa5a25f1cd30b5f4d3e17e0ef4354b385f7f2b337ebe35f65e3ce7069b1953a0
fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31
fdc79b8c47c6d5c20def82fa5f6a91e3cbe3057bff3f8b14b5c2c71dc9b57ec4
fecea83799f8e9f6c45fe07c3a68f90d7b85cb455a9b817a766d335a5a037df6

tembodiaries.com Open in urlscan Pro 185.61.152.73 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

175 Requests

90 %HTTPS

55 %IPv6

28 Domains

34 Subdomains

23 IPs

7 Countries

2664 kBTransfer

5947 kBSize

30 Cookies

8 Outgoing links

Redirected requests

175 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tembodiaries.com Open in urlscan Pro
185.61.152.73 Public Scan

Screenshot
Live screenshot

Full Image

175
Requests

90 %
HTTPS

55 %
IPv6

28
Domains

34
Subdomains

23
IPs

7
Countries

2664 kB
Transfer

5947 kB
Size

30
Cookies

175 HTTP transactions
5 data transactions