untoldtea.com Open in urlscan Pro
2606:4700:7::a29f:872a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://untoldtea.com/
Effective URL:
https://untoldtea.com/
Submission Tags: falconsandbox
Submission: On August 04 via api (August 4th 2022, 11:33:19 pm UTC) from US — Scanned from DE

Summary HTTP 221 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 46 IPs in 6 countries across 34 domains to perform 221 HTTP transactions. The main IP is 2606:4700:7::a29f:872a, located in United States and belongs to CLOUDFLARENET, US. The main domain is untoldtea.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2022. Valid for: a year.

This is the only time untoldtea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 32	2606:4700:7::... 2606:4700:7::a29f:872a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3033::6815:3f36	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
1	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	99.86.4.23 99.86.4.23	16509 (AMAZON-02) (AMAZON-02)
5	2600:9000:205... 2600:9000:2057:9000:1c:38a0:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:fa00:8:9ed9:9c40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
7	54.149.127.17 54.149.127.17	16509 (AMAZON-02) (AMAZON-02)
2	18.158.184.65 18.158.184.65	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
4	2600:9000:205... 2600:9000:2057:0:3:748e:7940:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1 33	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
5	2a02:26f0:350... 2a02:26f0:3500:595::2c79	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 3	18.192.108.196 18.192.108.196	16509 (AMAZON-02) (AMAZON-02)
13	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:ef96:9ea8:1cfe:fd9	16509 (AMAZON-02) (AMAZON-02)
4 4	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:6822	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	52.0.187.152 52.0.187.152	14618 (AMAZON-AES) (AMAZON-AES)
1	54.145.157.73 54.145.157.73	14618 (AMAZON-AES) (AMAZON-AES)
4	2600:9000:205... 2600:9000:2057:9000:1e:efeb:b400:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	185.89.211.117 185.89.211.117	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.70.17.67 52.70.17.67	14618 (AMAZON-AES) (AMAZON-AES)
4	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
2	54.93.158.222 54.93.158.222	16509 (AMAZON-02) (AMAZON-02)
2	104.17.120.107 104.17.120.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
221	46

32 2606:4700:7::a29f:872a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

untoldtea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-23.fra6.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:9000:2057:9000:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:fa00:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.149.127.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-127-17.us-west-2.compute.amazonaws.com

events1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.184.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-184-65.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:0:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)

avm.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

play.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
player.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.192.108.196 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-108-196.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:ef96:9ea8:1cfe:fd9 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.192.160.219 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:c::5c7b:6822 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.avplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.0.187.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-187-152.compute-1.amazonaws.com

track1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.145.157.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-157-73.compute-1.amazonaws.com

go1.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2057:9000:1e:efeb:b400:93a1 (United States)

ASN16509 (AMAZON-02, US)

content1.avantisvideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.211.117 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 957.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.70.17.67 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-17-67.compute-1.amazonaws.com

sync.aniview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.158.222 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-158-222.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.120.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	605 KB
35	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 stats.g.doubleclick.net — Cisco Umbrella Rank: 118 cm.g.doubleclick.net — Cisco Umbrella Rank: 208	196 KB
32	untoldtea.com 1 redirects untoldtea.com	981 KB
22	avantisvideo.com cdn.avantisvideo.com — Cisco Umbrella Rank: 21328 static.avantisvideo.com — Cisco Umbrella Rank: 21877 events1.avantisvideo.com — Cisco Umbrella Rank: 20158 cdn1.avantisvideo.com — Cisco Umbrella Rank: 25331 avm.avantisvideo.com — Cisco Umbrella Rank: 22033 content1.avantisvideo.com — Cisco Umbrella Rank: 39516	3 MB
15	gstatic.com fonts.gstatic.com www.gstatic.com p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com encrypted-tbn1.gstatic.com	161 KB
11	aniview.com play.aniview.com — Cisco Umbrella Rank: 15151 player.aniview.com — Cisco Umbrella Rank: 1567 track1.aniview.com — Cisco Umbrella Rank: 1647 go1.aniview.com — Cisco Umbrella Rank: 4734 sync.aniview.com — Cisco Umbrella Rank: 2403	210 KB
10	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	2 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	258 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	4 KB
4	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 910	211 B
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1751	3 KB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453 r.casalemedia.com — Cisco Umbrella Rank: 713	3 KB
4	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4423 k.p-n.io — Cisco Umbrella Rank: 2855	58 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 326	1 KB
3	agkn.com 3 redirects d.agkn.com — Cisco Umbrella Rank: 568	2 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52 region1.google-analytics.com — Cisco Umbrella Rank: 2742	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	154 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	129 KB
2	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2731	2 KB
2	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 2634	313 B
2	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 462	2 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1516	484 B
2	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 925	462 B
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 611	140 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8117	914 B
1	avplayer.com player.avplayer.com — Cisco Umbrella Rank: 11018	71 KB
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 636	166 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1083	463 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1388	297 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	646 B
1	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 731	14 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	30 KB
1	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 951	13 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
221	34

	Domain	Requested by
33	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
32	untoldtea.com	1 redirects untoldtea.com code.jquery.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com untoldtea.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	untoldtea.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	cm.g.doubleclick.net	untoldtea.com googleads.g.doubleclick.net
8	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
7	www.gstatic.com	googleads.g.doubleclick.net
7	events1.avantisvideo.com	untoldtea.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	fonts.googleapis.com	untoldtea.com googleads.g.doubleclick.net
4	c2shb.pubgw.yahoo.com	player.aniview.com
4	content1.avantisvideo.com	player.avplayer.com
4	track1.aniview.com	untoldtea.com player.aniview.com
4	player.aniview.com	cdn.avantisvideo.com player.aniview.com
4	e.dlx.addthis.com	4 redirects
4	avm.avantisvideo.com	cdn1.avantisvideo.com cdn.avantisvideo.com
4	cdn.avantisvideo.com	www.googletagmanager.com cdn.avantisvideo.com
3	pixel.rubiconproject.com	3 redirects
3	d.agkn.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	untoldtea.com www.googletagmanager.com
3	cdnjs.cloudflare.com	untoldtea.com cdnjs.cloudflare.com
2	biddr.brealtime.com	player.aniview.com
2	hb.emxdgt.com	player.aniview.com
2	secure.adnxs.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	r.casalemedia.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	odr.mookie1.com	googleads.g.doubleclick.net
2	id.rlcdn.com	googleads.g.doubleclick.net
2	p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com
2	p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com	googleads.g.doubleclick.net p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com
2	k.p-n.io	cdn.p-n.io
2	static.avantisvideo.com	cdn.avantisvideo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	cdn.p-n.io	www.googletagmanager.com cdn.p-n.io
1	sync.aniview.com	player.aniview.com
1	go1.aniview.com	player.aniview.com
1	player.avplayer.com	cdn.avantisvideo.com
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ag.innovid.com	googleads.g.doubleclick.net
1	play.aniview.com	cdn.avantisvideo.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	cdn1.avantisvideo.com	cdn.avantisvideo.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	maxcdn.bootstrapcdn.com	untoldtea.com
1	code.jquery.com	untoldtea.com
1	use.fontawesome.com	untoldtea.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
221	54

This site contains links to these domains. Also see Links.

Domain
socialsnap.com

Subject Issuer	Validity	Valid
untoldtea.com Cloudflare Inc ECC CA-3	`2022-07-05` - `2023-07-04`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
pushlycdn.com Amazon	`2022-02-14` - `2023-03-15`	a year	crt.sh
*.avantisvideo.com Amazon	`2021-11-24` - `2022-12-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.p-n.io Amazon	`2022-01-10` - `2023-02-06`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-11` - `2022-10-03`	3 months	crt.sh
*.aniview.com DigiCert SHA2 Secure Server CA	`2021-12-30` - `2023-01-03`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
outstreamedia.com R3	`2022-07-17` - `2022-10-15`	3 months	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-08-02` - `2023-01-25`	6 months	crt.sh
*.emxdgt.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh

This page contains 31 frames:

Primary Page: https://untoldtea.com/
Frame ID: FE6A0E3D56E069A4EFD37611F0B88FFC
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html
Frame ID: 4CCECE36F70707AFA8AE3FBDB9C86300
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&adk=1812271804&adf=3025194257&lmt=1659655992&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funtoldtea.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655992493&bpp=5&bdt=849&idt=92&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6878584247776&frm=20&pv=2&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107
Frame ID: 3236FB9FE7AA121F4CF7F56A21C26D55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655992&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655992498&bpp=2&bdt=854&idt=106&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=E1OzW0cFcF&p=https%3A//untoldtea.com&dtd=108
Frame ID: B440AAAF6532E3E56A75766AA955699D
Requests: 14 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: 750601C299354D3F646E02F64A28D63E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JpbB7JEVt7&p=https%3A//untoldtea.com&dtd=11
Frame ID: 42E5C95883FE9274019E328B0A995238
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22
Frame ID: 5D2627B77258749CAAAC609E90BDA510
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26
Frame ID: B4C4DF7953A3683D2DF255E9F07F6784
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Frame ID: 38010E9EDE70AE82907E9B3FAC0DE6B4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Frame ID: CFDE64B910DC256410AA231011550C5B
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 725BC8BB1F1DF1E460CF42A53B75CE0C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 43DB66DD53C4C3053A8C5FEC92313D83
Requests: 2 HTTP requests in this frame

Frame: https://p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 310BA5E38123321D695FE70807E019DB
Requests: 2 HTTP requests in this frame

Frame: https://p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: BB649F2AEA8D6697A727A902288DC906
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A2C9C64522DBD9A2AB0960594021B9EE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 316A629C199323ED80BABEA284FC2020
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: ABFEF62131B667D3F8F3F0DC06F25A14
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 81ABE3E5C1D2D4621A7E0EEB8E41BEB3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1BEBBE6723C748ACDBF5706521F280ED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 873F81A870AA385F4BE5E3D4ACF44E8E
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 945A7CF73C612BAC8ED8D62B75513A05
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1188AE53F326009AAAE5ACD190B8905D
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 36D1D14A1B0007CDDCA03026EA9CAE92
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 1FC3AD33B84207EF20145B9BBC0D6946
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: F3FA8FA9C6D9C8A0C63533FF6343E533
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Frame ID: E54F7EA1332C162AFA89E79170FB3762
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1659655994461-925059311695-006756-001-002125&biddername=55&key=764224119432732910
Frame ID: BA53E7C5D5DDF5C80983EF9983B332AA
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8F3766B1BB9AE3C809B37DA1E0AE1D58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5FFCB5A7720B0F945937D2A133675EBE
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 7E722F42E09B3870CBE280AD011D5109
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 25881E15DD19D506A0A37E21643A01D8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Untoldtea

Page URL History Show full URLs

http://untoldtea.com/ HTTP 301
https://untoldtea.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

221
Requests

93 %
HTTPS

56 %
IPv6

34
Domains

54
Subdomains

46
IPs

6
Countries

6186 kB
Transfer

10780 kB
Size

37
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://socialsnap.com/?utm_source=WordPress&utm_medium=link&utm_campaign=inthewild
Title: Social Snap

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://untoldtea.com/ HTTP 301
https://untoldtea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 110

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 111

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 145

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODApZPRswEQwAEYwAEyCC7civlwKD_W HTTP 301
https://tpc.googlesyndication.com/simgad/13952197847798325392

Request Chain 156

https://d.agkn.com/pixel/2175/?google_gid=CAESEKLCFiv6cbKrYYGbMJKvrGU&google_cver=1&google_push=AehlK4CVjKYz19Sxot1ZgadbgId1vMAxsbAnTEjjcp9JcL3q2RRlSYS8hu7rGA6sw5zin_ak9_tihbk1hDAx78pygYQnbXY_D1II8g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CVjKYz19Sxot1ZgadbgId1vMAxsbAnTEjjcp9JcL3q2RRlSYS8hu7rGA6sw5zin_ak9_tihbk1hDAx78pygYQnbXY_D1II8g&google_hm=Q0FFU0VLTENGaXY2Y2JLcllZR2JNSkt2ckdV

Request Chain 159

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGJmUmrh5uMxWGyrLgzzlAI&google_cver=1&google_push=AehlK4AeFI74m72znwrebN_jC2-HZl834C1s8PGysBa3VR8jAuqBQEUMkkUJSpYt-d7eOh-aq8nWyuMNx3VISJ4vk23v71hbmZ5AWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUItMi1DMVhN&google_push=AehlK4AeFI74m72znwrebN_jC2-HZl834C1s8PGysBa3VR8jAuqBQEUMkkUJSpYt-d7eOh-aq8nWyuMNx3VISJ4vk23v71hbmZ5AWQ

Request Chain 160

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPHVYVAZ5NFzHzpo9BZFeT4&google_cver=1&google_push=AehlK4CvSNCaXaWX9vHajKixOi2ab7FQ7wyOeEBdUmUZW1A7pDu1X8iEQYrxNgelLWrx5_U0TFG4WAGjPOHY6Jo9rPAu3Ef9OWD6Pg HTTP 302
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPHVYVAZ5NFzHzpo9BZFeT4&google_push=AehlK4CvSNCaXaWX9vHajKixOi2ab7FQ7wyOeEBdUmUZW1A7pDu1X8iEQYrxNgelLWrx5_U0TFG4WAGjPOHY6Jo9rPAu3Ef9OWD6Pg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuxXOUdz2XGRm2Mh88GdCwAABIkAAAIB&google_cver=1&google_push=AehlK4CvSNCaXaWX9vHajKixOi2ab7FQ7wyOeEBdUmUZW1A7pDu1X8iEQYrxNgelLWrx5_U0TFG4WAGjPOHY6Jo9rPAu3Ef9OWD6Pg&google_gid=CAESEPHVYVAZ5NFzHzpo9BZFeT4

Request Chain 164

https://d.agkn.com/pixel/2175/?google_gid=CAESEK6I06-NnxsjZSArb9yVIhg&google_cver=1&google_push=AehlK4AXTibiTFLaF6FVYJVvAhAK-4hJjQLiFqWfap7u-KjAg-tUvboAnqmyQ3q8fJniPBvIYwg0ATMr5IzxKGLpt1YhwVjhCXI-_w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AXTibiTFLaF6FVYJVvAhAK-4hJjQLiFqWfap7u-KjAg-tUvboAnqmyQ3q8fJniPBvIYwg0ATMr5IzxKGLpt1YhwVjhCXI-_w&google_hm=Q0FFU0VLNkkwNi1ObnhzalpTQXJiOXlWSWhn

Request Chain 166

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CUaAJPzCIhTHS9FoMo4y4scn5chxITj8zWi_V5Y6e9RvBLcRb7v9244fWG4mqYxeAlcfNd0Shs8PqY_ZdLJ34vM_mcBMqZ&google_gid=CAESEHjoxevz7Z3p00AZdWqBifw&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CUaAJPzCIhTHS9FoMo4y4scn5chxITj8zWi_V5Y6e9RvBLcRb7v9244fWG4mqYxeAlcfNd0Shs8PqY_ZdLJ34vM_mcBMqZ&google_gid=CAESEHjoxevz7Z3p00AZdWqBifw&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MDQyMzMzMTQwMDA1NzA4MTAxMjA4MQ%3D%3D&google_push=AehlK4CUaAJPzCIhTHS9FoMo4y4scn5chxITj8zWi_V5Y6e9RvBLcRb7v9244fWG4mqYxeAlcfNd0Shs8PqY_ZdLJ34vM_mcBMqZ

Request Chain 169

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA3X62OzDEmMNz_c5G67V8M&google_cver=1&google_push=AehlK4BdWuAdQ86G-dshC6_D3S6rdvUScTi9tYAV2SW3GXPkAcsnel6UI5mDqU60YzDRNnEhvf_WQz8fiYXyBJyYcywLNoZcGDdM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUItTC1JNlRO&google_push=AehlK4BdWuAdQ86G-dshC6_D3S6rdvUScTi9tYAV2SW3GXPkAcsnel6UI5mDqU60YzDRNnEhvf_WQz8fiYXyBJyYcywLNoZcGDdM

Request Chain 173

https://d.agkn.com/pixel/2175/?google_gid=CAESEIXzTwAhqGsUnubhu6VBsFs&google_cver=1&google_push=AehlK4Aj0Hszi7-l0RD9DC4nFk8xYWYUjEcHcNgibBKjEtMoMsfxOtyJR0SVHXJJp8lZwbDgLtrkYkhA5LymAm7p0qKO-ugMad0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4Aj0Hszi7-l0RD9DC4nFk8xYWYUjEcHcNgibBKjEtMoMsfxOtyJR0SVHXJJp8lZwbDgLtrkYkhA5LymAm7p0qKO-ugMad0&google_hm=Q0FFU0VJWHpUd0FocUdzVW51Ymh1NlZCc0Zz

Request Chain 174

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DoV2lQbZay4v9lr2U81ChFvzfTxLLZ1yBS0Oh7if4RAR1msoD4l5LrCgzMPT2zxJ-UqgPjP_4Hj6tRugOSCV-95GlOLz8&google_gid=CAESECglB0gZY_sa998MblbsxeM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DoV2lQbZay4v9lr2U81ChFvzfTxLLZ1yBS0Oh7if4RAR1msoD4l5LrCgzMPT2zxJ-UqgPjP_4Hj6tRugOSCV-95GlOLz8&google_gid=CAESECglB0gZY_sa998MblbsxeM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MDQyMzMzMTQwMDAxODMwNjY2MDQxMA%3D%3D&google_push=AehlK4DoV2lQbZay4v9lr2U81ChFvzfTxLLZ1yBS0Oh7if4RAR1msoD4l5LrCgzMPT2zxJ-UqgPjP_4Hj6tRugOSCV-95GlOLz8

Request Chain 177

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJNJJ1-v3bCQNgBYPl7xIJs&google_cver=1&google_push=AehlK4DNUsgrbFLlegmWSAccqULh4DUnmiiHV-QVf0mBFdKFqopf7gaFM135ZKAS1Gytg6b500uVF3tAIMpROD3YeuEH5-dFkSI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUMtMUMtSlZBVw==&google_push=AehlK4DNUsgrbFLlegmWSAccqULh4DUnmiiHV-QVf0mBFdKFqopf7gaFM135ZKAS1Gytg6b500uVF3tAIMpROD3YeuEH5-dFkSI

Request Chain 178

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECotQTKeA8bOVyofOIwEJ14&google_cver=1&google_push=AehlK4Cyq3-5IV51eeeLtu85SZzr6rVk2eGgzuelYZAA4whHb0gGlRmDx6D89sxqUWsoJjRr3DcYoZQcp0kSSH2RfZWwfmNttGc HTTP 302
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECotQTKeA8bOVyofOIwEJ14&google_push=AehlK4Cyq3-5IV51eeeLtu85SZzr6rVk2eGgzuelYZAA4whHb0gGlRmDx6D89sxqUWsoJjRr3DcYoZQcp0kSSH2RfZWwfmNttGc&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuxXOUdz2XGRm2Mh88GdCwAABIkAAAIB&google_cver=1&google_push=AehlK4Cyq3-5IV51eeeLtu85SZzr6rVk2eGgzuelYZAA4whHb0gGlRmDx6D89sxqUWsoJjRr3DcYoZQcp0kSSH2RfZWwfmNttGc&google_gid=CAESECotQTKeA8bOVyofOIwEJ14

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 183

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 198

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659655994461-925059311695-006756-001-002125%26biddername%3D55%26key%3D%24UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1659655994461-925059311695-006756-001-002125%2526biddername%253D55%2526key%253D%2524UID HTTP 302
https://sync.aniview.com/cookiesyncendpoint?auid=1659655994461-925059311695-006756-001-002125&biddername=55&key=764224119432732910

221 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
untoldtea.com/
Redirect Chain

http://untoldtea.com/
https://untoldtea.com/

84 KB
17 KB

513ms
486ms

Document
text/html

2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7c7f55b7c3307e111c19518cf78c1474e9e37ab5d4aa9133c9392e7bf38e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 735b18b8bc7490f4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:11 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 19 Nov 1981 08:52:00 GMT
ki-cache-type: None
ki-cf-cache-status: BYPASS
ki-edge: v=17.7
link: <https://untoldtea.com/wp-json/>; rel="https://api.w.org/", <https://untoldtea.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://untoldtea.com/>; rel=shortlink
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jk2YJ4RCt53Fu9vISdnIvtkiaGfXypZIyHdh02xqa%2F8167ZY8V12qG0gaTgTwXbakbvPnrurAXT2x29bfHQxw8K%2BV0Za4ttOIFB0kr3xcd7yHvUQ4Qi9oXvyKGT%2BcUvl3IdbICId%2FCeSJgk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-edge-location-klb: 1
x-kinsta-cache: HIT

Redirect headers

CF-Cache-Status: DYNAMIC
CF-Ray: 735b18b4f81e9bef-FRA
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Thu, 04 Aug 2022 23:33:11 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Ki-CF-Cache-Status: BYPASS
Location: https://untoldtea.com/
NEL: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Pragma: no-cache
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4J%2BV7UsxKWEVDTzD2cbJEkFm5jzx3%2BmyJL9v973YgRoFj0faCDeParlZeB00uTWsp6rcxcioNtR9J7HB1p6v2lsjhX2cLei0eXWJoE%2F6lqk5Au5v2oMtoSy4nxbCIrDkMBZ60etF1QDnQtM%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Edge-Location-Klb: 1
X-Kinsta-Cache: HIT
X-Redirect-By: WordPress
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cache-type: None
ki-edge: v=17.7

GET
H2 200 main.bundle.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 143 KB
16 KB 591ms
588ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/assets/css/main.bundle.min.css?ver=6.0.1

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f2fad7a0d8b919e9de69ae754cccb5644fb41e2f34664bc33999777fc4a4e3fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,05f633772b5dd5612ecc438bbaba88c51ced66e2d0af920e82671d67527bde25
cf-cache-status: MISS
ki-edge: v=17.7
cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,05f633772b5dd5612ecc438bbaba88c51ced66e2d0af920e82671d67527bde25
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: SAVING
last-modified: Mon, 15 Nov 2021 14:14:48 GMT
server: cloudflare
etag: W/"61926b58-23d8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fAV8o4vzljfInuaaEzFbI16i5KSkIfzghVeIxWDLQolDMRzw8ag3jYItliESECraEecMbXSqPKYCMtcnmKJWeeKpVEmYhy2cmlmoySG%2F08IXT0i71IBdH9cPEudTRSGkQy8svV8xtTTqdLI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 735b18bbde9b90f4-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Sun, 01 Aug 2032 23:33:12 GMT

GET
H2 200 main.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/minified/ 57 KB
12 KB 584ms
583ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/assets/css/minified/main.min.css?ver=3.4.2

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1050861291360164827a3ca6086d3c7db90dff9cc1791a5989d2a7263dd14444

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,1ead8f179b35d41d49a7ab4218039f8e1b29f4d1272ffc0ee2725e529bc2a9db
cf-cache-status: MISS
ki-edge: v=17.7
cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,1ead8f179b35d41d49a7ab4218039f8e1b29f4d1272ffc0ee2725e529bc2a9db
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: SAVING
last-modified: Wed, 12 May 2021 10:34:35 GMT
server: cloudflare
etag: W/"609baf3b-e390"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y2Wfrgdbf2lyx%2B3Mt0jsxENWGuK2d1Xl3rehjFjUDFCUz3YnIE%2F2buoi%2BPNT0D3X9jNdQbvEhH5lNFhSYGW%2BH5MMqnyK0wBiiC66UV6ixj2qBoYX9ZRsg7rEGCS42mbfRmkoXIrXZbuGzgQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000, s-maxage=31536000
ki-cache-type: CDN
cf-ray: 735b18bbde9c90f4-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Sun, 01 Aug 2032 23:33:12 GMT

GET
H3 200 wp-emoji-release.min.js Show response
untoldtea.com/wp-includes/js/ 18 KB
5 KB 37ms
36ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,f28df1f795cd5542544741ff7fa03d01e20c4be2f7b6024a1ada0f1bc5767977
cf-cache-status: HIT
ki-edge: v=17.7
age: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 21:45:10 GMT
server: cloudflare
etag: W/"62bb7666-48b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ax%2FImQyMX%2BF6ekBcye6KnTR3ixp74aI6uQHVUTcvwxq8gaxALo9qUw1lY8VdrGBLz9K%2B7ri19uvkcYcFUc5qJmIhuwHpTpnaZPo%2BcSFaRZF8iC9jsZSUgQ4XpunL8U09aNMNGHUNvdW76dQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bfedeb9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 style.min.css
untoldtea.com/wp-includes/css/dist/block-library/ 87 KB
12 KB 38ms
38ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,f61582a2b1b639c470a0f44fc7542837a98a6e15ce733caec532f156972875b1
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Tue, 12 Jul 2022 17:55:44 GMT
server: cloudflare
etag: W/"62cdb5a0-15b64"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xVVk73UjL6g2a%2BrrE7uKHu60WkMVfxCIOyMevXLYYwyO4uAY9gktLWfPcvyoupbrTAMhtuGsE07yc10obSGdRP7yvreOK8dBiWQAwMRAHG9zrhwRvAiV2NxgjmXxgRn2ax2EezvZkecxPuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bcf9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 adsforwp-front.min.css
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/css/ 1 KB
1 KB 36ms
35ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/css/adsforwp-front.min.css?ver=1.9.21

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,858cebec5dd8f760124cb5db85851b7b32b621f215f4eebb5339d250f642a489
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Fri, 15 Jul 2022 07:01:10 GMT
server: cloudflare
etag: W/"62d110b6-4c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wU5kCxz83%2FL%2FaWvOT%2FU8hUQM7VylKyuVKz1vgRqd3IMHjt0WZHWw5e4rFIXpsXLh%2FLX%2BrljT1MMCrOvjcyIwkW1b1Tp8N2RqM2b6eOOgC%2B2BWK6y%2F9TPJ1a2esF0N1gJ8dLJA6d8HPu8LmA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bd09070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 categoryimage-public.css
untoldtea.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/ 7 KB
2 KB 51ms
51ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/categoryimage-public.css?ver=1.4.6

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

925b9584bd4a9328e5a11c4a4f9791d9f1274eb3a61fd20bcbbe1c6a37c72860

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,3d4e1cf646173b5aeff52b1c74ecada83bcc74cd647f02d954656baf43b7f63c
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 07:51:38 GMT
server: cloudflare
etag: W/"6266530a-1a27"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2c91epQCq0%2FJlg9N8Lg3CKdAdr3%2FYbslJaAJr2ShzoY4ATS4FL2p1Md8vHZ2CfdUwrZE6QiATwiWF664a%2FfHbaVnA9ZJHTGSk6NyCRaCONM%2B%2Boo9vzK2wNk9Ugxw2wLi6Vv44EBY%2BNGuDI8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bd19070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 socialsnap.css
untoldtea.com/wp-content/plugins/socialsnap/assets/css/ 67 KB
9 KB 36ms
35ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/plugins/socialsnap/assets/css/socialsnap.css?ver=1.1.17

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,64ae08eed5f0c9220c566d00957d272c99d2f84667299c4031f47da0023ef915
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 07:51:45 GMT
server: cloudflare
etag: W/"62665311-10bfa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhfKNc1tawAEeDK8AV62ReRIKmYO0qzBFdeupqFznezV%2FZmndO%2FZWuD44kWx7a0G2R4kGgL8IpvlQB9ZRxWJYf%2B5jEzToGW0NPBDrmNd31ZS5sLEd0oK9hH40sg8HyaKbvD9xF8OLqexd44%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bd29070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 ivory-search.min.css
untoldtea.com/wp-content/plugins/add-search-to-menu/public/css/ 7 KB
2 KB 44ms
43ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=5.4.7

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,1c7b4d545f5a3177640e82aa95a95622b793910e47b783fda1f201d8ba76e37e
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 21:01:11 GMT
server: cloudflare
etag: W/"62bb6c17-1a9b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPJ5nh92FWLgPMtEcZmHkRfaSCDu4p9swgXpb8%2FT5OJVohjux7uQv1iTS67LMdFrKS2b4k2cXhw5pNkmThlE%2FSLsqwnOC3Koof25rUwEfkwBJfxj4GLi2bu43DBH9Vij60%2B%2B3c7qWdkYI6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bd39070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 jquery.min.js Show response
untoldtea.com/wp-includes/js/jquery/ 87 KB
32 KB 44ms
43ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,e2e1f402504984a65844a4d022b901e5279d478e0a7f4a1615f1194b8466cfda
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Tue, 20 Jul 2021 19:52:55 GMT
server: cloudflare
etag: W/"60f72997-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YDgR7KbCQ7Ob81KYFdE5g8Xcf0dBmSei458sfx7Z8%2BpRcPOMe6cDhDKr1vPlYMo4r8A3DRo4rrQ6b4fbrhz5ITaasGTsn%2F2O%2Fq2mO4igC6CLwP6czM%2FFkI3QhYX0xyi1%2FOF%2B42ZZfCHbJMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bd89070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 jquery-migrate.min.js Show response
untoldtea.com/wp-includes/js/jquery/ 11 KB
5 KB 48ms
47ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,31678bfcef2c6b570815652d5caed0bda5656d4e4a8119349cd75122ae6477a2
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Fri, 07 May 2021 09:11:45 GMT
server: cloudflare
etag: W/"60950451-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFEbmcQkR2lfKDvHKHKF3N%2FyHaPmg4ey%2BC%2BQwiiSuIjuRj6ot6T3x2D3H3BrzaL8lS8Nv8H%2B6cHe8wjAWl%2BlBYQRFA4vLOFDpQ9INZXo%2FvLMnigYhRlv3jrISznzyVIgMihPcOs0Cum6WCw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bd99070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 custom.js Show response
untoldtea.com/wp-content/themes/astra-child/assets/js/ 997 B
1 KB 41ms
40ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/assets/js/custom.js?ver=6.0.1

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1bde9723707120c185a30d2e857a8a02a71fa16b6a78b9e6e84121aa4be000e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,1a322c28409d7bfb5d7e38586325ab61f985389a21067672f9ae6ed96f301d9c
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Wed, 15 Sep 2021 10:32:05 GMT
server: cloudflare
etag: W/"6141cba5-3e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cB0bGU0uPLg1GBiA9AdjXHE5%2FSHR%2FyQOFskMPXxR4I78tjdZWJMyJHIrVKqVYLg8CLkk7Fm4G1Ygy57M220KQE9knAYGHRW4GzuACJ1JydxG8VEfLOdvLewWO2dgo%2F6jkVgX9KDk3eYoBcA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bda9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 bootstrap.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 141 KB
22 KB 44ms
43ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/assets/css/bootstrap.min.css

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,9e44f164abcbc7045b7cfd0aa6cc0d0c7f9c86cfc10092cf5a2617c6d0e80743
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Wed, 12 May 2021 11:27:26 GMT
server: cloudflare
etag: W/"609bbb9e-235ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HHM3u%2FNhuOig0exqCIRnKYZODn3o7kHKwIiTmsvtzbBbHs4RSWr3JEcXrgNLoJhmz7ldRbFk%2Bf9leu6ODroW2QDXDGTKoPI9u8aOZFrSfgIT5%2FWsa7ee6u5mgEEoVuHcc0f0VsXKckDjj64%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bdb9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H3 200 owl.carousel.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 3 KB
2 KB 41ms
40ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/assets/css/owl.carousel.min.css

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,ec999bfb734be1a3d178a80faeada18acab3e877a49068cb0f6756271bfe462c
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Tue, 18 May 2021 14:03:06 GMT
server: cloudflare
etag: W/"60a3c91a-b78"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Isl%2Bh07fXqxKCbnuZBI87ao9JPUJFLQ9HmFeT8ryfgREO6%2BRdw3V0JNtbkgisMBT%2Femgk3FmJ20wlkyA3EoK2Vo%2FB%2BWPU2UndJvgGf5g79f7qDPtCNomd2xPDx7o0kKNURTn3%2FxA9uYS1g%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bdc9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.8.1/css/ 54 KB
13 KB 149ms
122ms Stylesheet
text/css 2606:4700:3033::6815:3f36
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by: Host: untoldtea.com
URL: https://untoldtea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer: https://untoldtea.com/
Origin: https://untoldtea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 9SKPHJY2K6VGPMDT
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Rs4BUk+uyOs20NoPYR2rhskyY7jK2g3sjHk4zSxo6jiMS5Xrmw5Vr2GzRND8X/upCd5+YOatlf0=
last-modified: Wed, 30 Jun 2021 15:46:39 GMT
server: cloudflare
etag: W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9BO%2FlFUxmUesEuZoc4xQLlkeKd%2B2ofGXv9hWGSLoKI3XDsGyi7D5GdIFLC1C00E5fHbSr3PfCamAX1uB%2FfZkvUWKBI0p0cHK4n20x2QQlFfok1ehkTnCjr2CZOnGcqBaBakKoXfntCyGamlxMd5hH84"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 735b18bc9ba3918f-FRA

GET
H3 200 custom.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 35 KB
8 KB 57ms
56ms Stylesheet
text/css 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59447f4df0ba3b68e2ac9fbc2b29bb1836a9d686f35dbc8ae6ff21ff80a971fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:11 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,621debf2442dfaa9a69145e9abbdb287eb3bacaa921229b0011bf1518f30f8b3
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Fri, 17 Dec 2021 11:18:55 GMT
server: cloudflare
etag: W/"61bc721f-8a45"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr56i13j4OqHFdRcueZ9yCmFZFyMMSdwvf%2BDMjL0aQ5AC6VRL5Ws%2BgR56OhcQwrRr1sb7GoUzmo9cNGdZ8F5bdvHeluNbUIgQHpTrN5RwEkGeU4ecxLWG6w9HyuqfPRx1JMbDxYP694WPc4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bc6bdd9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
57 KB 53ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ae7340c16acbf8e6f5fe96977e4213b9430f1e1067a835c1d23ee1697722e9b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57449
x-xss-protection: 0
server: cafe
etag: 3919344553598181791
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 23:33:12 GMT

GET
H3 200 untoldtea-logo.png
untoldtea.com/wp-content/uploads/2021/08/ 11 KB
12 KB 33ms
32ms Image
image/png 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2021/08/untoldtea-logo.png

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

41047c2e405e4a81db54ad12b94fcf1af427192f1dc192a3af2d6461fb197217

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,6d4d005f1a402c97f6e496a59743a471af98785c872ad7b7d7650001a79970f3
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11421
ki-cf-cache-status: HIT
last-modified: Tue, 10 Aug 2021 07:06:55 GMT
server: cloudflare
etag: "6112258f-2c9d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=prvyL2w5TEkYRCQRAJTIhiVJ4ZMvhKoUl%2ByYaBlsE%2BId7PhDHxsRAei8at67YlAg4yCC%2F08OGR72AE8sT0Q7aX7MAARg3Na4A64ey%2FwpFoIqbUONIUC0XSYLxTM8f%2Bd%2BOpBi%2BwyKbfPKFc8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18bfeded9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 frontend.min.js Show response
untoldtea.com/wp-content/themes/astra-child/assets/js/minified/ 16 KB
5 KB 33ms
33ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/assets/js/minified/frontend.min.js?ver=3.4.2

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a2ab367a4a8f768121fb5441a3bfb48eddcb4c01192955a39f25cd1e415b7010

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,26e7cae73712c46b3f0664c6048328284329f1eb2ba2fb9739dcca23d422e2d9
cf-cache-status: HIT
ki-edge: v=17.7
age: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Wed, 12 May 2021 10:34:35 GMT
server: cloudflare
etag: W/"609baf3b-41bf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Oy%2FL0tA0lE4jQ4q9%2F1qgZGSHMnOfw%2BGGHneLTfWZqV7mbQXhbVI%2BHFv8ACx9fSKVE5S5%2BrVjVHSvDBl2V97f%2BLrZ%2FQ63Wz2s6hvN2pLd9FonnI5yPzWFdLWB%2FC6WPzEdz9V0BdA%2FTQN6T%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bf8dc19070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 ads-front.min.js Show response
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ 7 KB
4 KB 27ms
26ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-front.min.js?ver=1.9.21

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,922de2af9c8029c9d96c473245f39ddcc89aea711ee6bc0b0065e0a6496eeeaa
cf-cache-status: HIT
ki-edge: v=17.7
age: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Fri, 15 Jul 2022 07:01:10 GMT
server: cloudflare
etag: W/"62d110b6-1dd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uqR%2BnrTC0RMGE21LqUUwXg8ML10%2BTlfq5sFPad0sH9pCKN%2BkJPrM0%2BKRJs6CAZtZrk2ybw5Xou5Tt4Q1CupEh492zkkoL%2BJg4a0TlNZr5x%2F0kNMdVE8%2FtvFINYmlO3qRb35g0ogT2%2FpKi38%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bf8dc49070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 ads-frontend.min.js Show response
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ 1 KB
1 KB 39ms
39ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-frontend.min.js?ver=1.9.21

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,bfe694c76e7f83112fb856b4b8f26da2532f9fa67b3f6a9fc1863e27b12f22bb
cf-cache-status: HIT
ki-edge: v=17.7
age: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Fri, 15 Jul 2022 07:01:10 GMT
server: cloudflare
etag: W/"62d110b6-427"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBmPYzJnnfb4x2m0tY3gwKbCQMDq9%2F4ZlV8Har7DU4gMFxUkfdL5wQdvRcW0EQnvlFFv784xbVe84be4YOmBb8hsEJw4oWOBvCib0mi0yjtetKbrNYCNUTn6ODIk0M1xXqXKAzc%2BXvZB%2FkQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bfede59070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 socialsnap.js Show response
untoldtea.com/wp-content/plugins/socialsnap/assets/js/ 13 KB
5 KB 40ms
40ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/plugins/socialsnap/assets/js/socialsnap.js?ver=1.1.17

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92c4f926de2397eb436550ea57ef9c8b4fdef260363b76ca8d190ee6dbaaa332

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,15c0ce2fb3715118240f9f39824db71e1bb7f579293d669e69f5fd9a653eaa5e
cf-cache-status: HIT
ki-edge: v=17.7
age: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Mon, 25 Apr 2022 07:51:45 GMT
server: cloudflare
etag: W/"62665311-3239"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2FXy3noJCT1I3ny1V9p3ma7xhOhpQRMVQFowjzgmG96cH0jFZoHSZ36vL8ENprOtiD7jY6TkAI0xUBAGlcO%2FrR8Cv1CglyVhgmisltYLpNzujcuJuMyNHxYfS%2BnecZYnZfKOu4wtfpe%2BQN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bfede69070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 core.js Show response
cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/ 232 KB
42 KB 23ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js?ver=1.0.0

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2509568
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42723
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-3a1e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kngvKKiZdn%2F28BFkAWV7hk%2BLhcLHZX4gBnz%2BECdsovWIQDWB3lCfzMLx%2BY7fSVBqAcKnQBxoGxbueR%2BtPJTEqeuJkhernEl7pqnMT2HxBpTjkCVNtF6QtEHxLUHTsi20r6K8kXFUsaHaljDwK%2Fz8AFbc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735b18bff8e59b1c-FRA
expires: Tue, 25 Jul 2023 23:33:12 GMT

GET
H3 200 ivory-search.min.js Show response
untoldtea.com/wp-content/plugins/add-search-to-menu/public/js/ 4 KB
2 KB 39ms
38ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.4.7

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,1e21cc8327db2e06733fe3f314b06dfdd5354f41e9e1ea7f1b6e392367053d66
cf-cache-status: HIT
ki-edge: v=17.7
age: 35
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Tue, 28 Jun 2022 21:01:11 GMT
server: cloudflare
etag: W/"62bb6c17-11ef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PKQVvtVcbr6xCtVY6n7EugiMqEbbXNp%2FajlOAMr8FsX94GilVDdg60b9KkkPErCb2kCGI9f027knf6axut8nods63vWR2IBclG6mhIw2eBQeA14I5bstDX76%2FZ4c5%2BF8XMhePFyo9S7vbBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bfede89070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 44ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: untoldtea.com
URL: https://untoldtea.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://untoldtea.com/
Origin: https://untoldtea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1659655992.dop237.fr8.t,1659655992.cds220.fr8.hn,1659655992.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H3 200 owl.carousel.min.js Show response
untoldtea.com/wp-content/themes/astra-child/assets/js/ 42 KB
12 KB 37ms
35ms Script
application/javascript 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/assets/js/owl.carousel.min.js

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,8e385b6a64b4536a8cf3e7b2752fb12c72431b4faa2a98163a798ebe4e0382ee
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status: HIT
last-modified: Tue, 18 May 2021 14:03:35 GMT
server: cloudflare
etag: W/"60a3c937-a70e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6a4w5D5SmHjWO3oHQH4PxjoKg97SmAsmJOfCcZz4y4dI0NIEUG%2BQDN3Pkq6KRQVPVUBDaDv7qG3zfrbPflngnbEf46HzuzhTLneim8EEMcSV2Wenc7ZCrnk6%2Fpm5%2F004jjn%2BI611he62Flw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
ki-cache-type: CDN
cf-ray: 735b18bfedea9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H2 200 bootstrap.min.js Show response
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 48 KB
14 KB 48ms
21ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://untoldtea.com/
Origin: https://untoldtea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 860
access-control-allow-origin: *
cdn-cachedat: 03/10/2022 17:24:53
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d42df4a4f7ba0769fa5583b90bb9b602
cf-ray: 735b18c01a1d91e9-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 css2
fonts.googleapis.com/ 10 KB
1 KB 39ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 21:58:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 23:33:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 23:33:12 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ 57 KB
11 KB 37ms
12ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1466580
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10301
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-e4d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31Eq9o7G0z9P%2BZtd6FzBNmrN%2BKfukdq5fCH8lzrwt2CnhOAepqmiyGTCW8LZ%2BY%2Bb8HwqV6kb7TQ7cnUZqViIWG9k1zb%2F9PBf2cUtOQosrzKYsKGBEOHZdP2J2zNSLdhRmI%2FAy9RUtOZFX54%2Bh5AFiYJ%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735b18bfccde9c07-FRA
expires: Tue, 25 Jul 2023 23:33:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 109 KB
43 KB 63ms
23ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9fb492388e501950a703894f90e7a849d1bcdb1258c10726dab2025bdff116ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43158
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 21:05:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Aug 2022 23:33:12 GMT

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://untoldtea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 21:13:14 GMT
x-content-type-options: nosniff
age: 267598
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 21:13:14 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ 75 KB
76 KB 22ms
13ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin: https://untoldtea.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 6146732
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76612
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12b44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2BQUwFJYGJUHvkgMJPiu%2Bj%2BkM5gBZFg%2FsHN68V5iaaqVxqoaBOX3yMzAXsAst5XGRVk2%2BEXCgBnjlwPlwaYdEG8THzqb%2Fg2aRfhGg1wSA5eYOYOafjmTtBoxm1RylrgQaFyLZyn5Io%2FCYyAL1yT0xbre"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 735b18c0281c9131-FRA
expires: Tue, 25 Jul 2023 23:33:12 GMT

GET
H3 200 Breaking-Bad-Where-Are-They-Now-1024x682.jpg
untoldtea.com/wp-content/uploads/2022/05/ 76 KB
77 KB 32ms
32ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2022/05/Breaking-Bad-Where-Are-They-Now-1024x682.jpg

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02485b5002931bad58070200b2d4840be5417300e68f7b56fcd8df5e89fbdb98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,f53dfeb1075d1974c440f135691dc6e65bf12d00fc6223365bbb70b125a004b1
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78052
ki-cf-cache-status: HIT
last-modified: Thu, 19 May 2022 20:44:56 GMT
server: cloudflare
etag: "6286ac48-130e4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CKem3K9bDDLaYOScxA%2BcHq8RMtgeYh4lKkVSUYO24Dgd8K6RbPPPBlkm7LoIqxrK5lvdi0QU7S5VLcaY1NgxDDkYMMmV4DinEUQbmo3HTlNfjsWfWse3IOn%2FGREtDV%2BfRlykcqjPO4djBzY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18c03e4d9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 Celebrity-MothersDays-2.jpg
untoldtea.com/wp-content/uploads/2022/05/ 49 KB
49 KB 49ms
48ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2022/05/Celebrity-MothersDays-2.jpg

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7528e02359e1b7be3fc4ab11fb535bad3ae0517811fd2dcb4b1a640b99eef509

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,10c78d878de062f31b055c07ac57c0a8d2d2a9004c5cbe6d60b738c210941c6d
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49783
ki-cf-cache-status: HIT
last-modified: Thu, 12 May 2022 16:07:09 GMT
server: cloudflare
etag: "627d30ad-c277"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eruFD1FjIKB2U0DDBeBJcIfWLVeIdnTqx5spsvhPA15RUbx8TjJlwV2lv2I9P%2BxIpu5NtHluHfI24xsZHLwyvTQgHKR3UvzHn%2FaqHkm7E5VR2nfBnwar1230%2FbeW2JwAzIMurGHfY5eLATU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18c03e4f9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 Jean-Claude-Martial-Arts.jpg
untoldtea.com/wp-content/uploads/2022/05/ 110 KB
111 KB 47ms
45ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2022/05/Jean-Claude-Martial-Arts.jpg

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7ac95966b650e8965bf7c8073300b44b8fdb2577d74032e51f89ab2ab7eaeac

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,ba5fd9b2bb5d156680e6adcebfda8f007191f4796b11772e8e6657905bfa9b2b
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 113047
ki-cf-cache-status: HIT
last-modified: Wed, 04 May 2022 22:47:58 GMT
server: cloudflare
etag: "6273029e-1b997"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QLOPsKTLSuHxzT1%2FFiVGGMeq9ypMfD1w0CG2ruQy7u5ArQ%2FYbZMs6Fhx6EGqjEnItFJRBywpsdzTO%2FqE5ES4u5Mukj9Zw6XXi7TPJzjwGVWobde0QkL2XZWAjctMOCn2FSugrVRioIjQzzE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18c03e529070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 Squid-Games-S2-2-1024x576.jpg
untoldtea.com/wp-content/uploads/2022/04/ 133 KB
134 KB 40ms
38ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2022/04/Squid-Games-S2-2-1024x576.jpg

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8886097d7db5d7039926bca67738c05ecb2f56dc915bf38ab14284b62c5f7374

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,7c0bcce25a0d0fbab5f9d6c693327424f5ba4afc237e067b1879208cff9ee550
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 136153
ki-cf-cache-status: HIT
last-modified: Fri, 08 Apr 2022 15:23:11 GMT
server: cloudflare
etag: "6250535f-213d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7dCwSOGZ9a4irKkHAiFFyp7p19YhISdwzozGM96JVstknII%2Bwvk39EIT3aOlPelYcsmZqG4vGCkSEGZ%2Fdm997%2F%2BFkrulDMi1%2BdBQo%2Fb5nGYLtYT3fH3ZceWrQAML4%2FtfOl6Cb3SS1MVmiK8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18c03e539070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 Will_Smith_Chris_Rock_Slap-1024x682.jpg
untoldtea.com/wp-content/uploads/2022/03/ 91 KB
91 KB 39ms
38ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2022/03/Will_Smith_Chris_Rock_Slap-1024x682.jpg

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ac04eeafb37af7a83cf04b1140084bccf6b1a7f0945dcc6991e72e177a8cda40

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,99b01799dc302f7b34b2c9354517c028ec3f8f327fa1260ef19fa5b236d95c88
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92844
ki-cf-cache-status: HIT
last-modified: Wed, 30 Mar 2022 15:14:34 GMT
server: cloudflare
etag: "624473da-16aac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mH9h%2FlQ9NURWrH7KWtqupXxZjNOWC7Zxk%2FhjzH%2Fqh6uqbnX%2FyBX3wz75dwjXCGerfOR5Oji0bsFZo7JzezqugQ2xJ83pOAmkqqymQqNvrWBHynUTRo8zqadV%2FNe4KbqCn48yDlslKkpJL4M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18c03e549070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 Mickey_Rourke-1024x1024.jpg
untoldtea.com/wp-content/uploads/2022/03/ 164 KB
164 KB 58ms
57ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2022/03/Mickey_Rourke-1024x1024.jpg

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f43e1900b996638dcb8c823b8d34f0c15b64b6466daa544779373475688bce47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,f56f9e900dacbe291d8dc1412a22c0477d29d209573d533c6bd5e72baab257c0
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 167531
ki-cf-cache-status: HIT
last-modified: Fri, 25 Mar 2022 15:26:31 GMT
server: cloudflare
etag: "623ddf27-28e6b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9DpSeMdL30Eg%2BGmlJ%2FOHMZ0MSPhv0mt1JfRMoXFNK0NxtdbVKLueKDwiIMZDOmx2FMlt7B3ar8OwIJ9kPeiXkWmYaM8cSNVc4igI2%2FgRay9KcYuXJUvaX8opSEnpI%2FpeD%2FE2UQ4BTSR104%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18c03e569070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 featured-and-starter1.jpg
untoldtea.com/wp-content/uploads/2021/05/ 47 KB
48 KB 64ms
63ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2021/05/featured-and-starter1.jpg

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad3f23350801bfb77e60e7d8a2ac6e4be42ff80de8058ec36a1a05872260efe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,42fade2813976c2b9e7985e27def55b8797b41be24ff28b8350dc365d3349e80
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48489
ki-cf-cache-status: HIT
last-modified: Tue, 18 May 2021 18:29:21 GMT
server: cloudflare
etag: "60a40781-bd69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2nCPRiNSgbElsHiu%2F6ZqBHZ3OtnNyS2ZXf0uDijl2GmLei1qTGuJ431OpqpMiHOtwQxxMYkr9AY87oAj2DPHr0SX6yMfy%2FIElk9mCG8IJKZrMbH7syNrwsggQr8HbC%2BX9HzmXTUPDMD0s0s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18c03e579070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 Adele_Live_2016_tour-1024x768.jpeg
untoldtea.com/wp-content/uploads/2022/01/ 115 KB
116 KB 50ms
50ms Image
image/jpeg 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://untoldtea.com/wp-content/uploads/2022/01/Adele_Live_2016_tour-1024x768.jpeg

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b9392d4e02b4ad7004ce64bd640f411d9a2e5bfaf45139eed02ee5f4cd9d429

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
ki-cache-tag: 2a47d516-d30f-42f6-b2f9-df591a32d46d,cec7a2c4b4e7c263f820b35f0a1779b07756e060dad3915a4799942dd15e5b9b
cf-cache-status: HIT
ki-edge: v=17.7
age: 34
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 117967
ki-cf-cache-status: HIT
last-modified: Thu, 27 Jan 2022 00:04:21 GMT
server: cloudflare
etag: "61f1e185-1cccf"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=quaB8aOt8WeDXC5BqRsUaRs1ZA3%2FHQLPqWxI0bqoGBy7STlKCVyYyVDm57dR0dGMMYy16ijp1QAhil5q1M8gpEEe%2Bs6ZR7L12%2F3aXqoMKwvXv37UaRWPNwGKW3UW9RtUMMA7PjUaiJ6PTmk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
ki-cache-type: CDN
accept-ranges: bytes
cf-ray: 735b18c0deba9070-FRA
x-content-type-options: nosniff
x-edge-location-klb: 1
expires: Fri, 04 Aug 2023 23:33:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/ 339 KB
119 KB 53ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068758

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0cfbb7a78e112f816d7dd7da51287995b39f7b9d9b21fa9befaa25e7da2d50c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122294
x-xss-protection: 0
server: cafe
etag: 12561757933102209553
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 23:33:12 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/ Frame 4CCE 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220803/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74742
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 02:47:30 GMT
etag: 8616628553774171045
expires: Thu, 18 Aug 2022 02:47:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 home-load-more.php Show response
untoldtea.com/wp-content/themes/astra-child/ 6 KB
1 KB 652ms
652ms XHR
text/html 2606:4700:7::a29f:872a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://untoldtea.com/wp-content/themes/astra-child/home-load-more.php?offset=0&limit=6

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

51bc3ec40ff505092c6238dd0c859620b7f2bf1133480138de455706293d2d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Referer: https://untoldtea.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
ki-edge: v=17.7
ki-cf-cache-status: BYPASS
x-kinsta-cache: BYPASS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=370i%2BoNouDWt8QzhsUN%2BoSq7zZyGk2jINWfz4ndCqp2PLuolBFUnJFVz9BC9oODc6gtkOLQNvyxk94ioUx0qKWKtOFNZVMKkrFCTMgyvgdIXerP1PTV2o%2BsAlnO81Hl9LOGeSjGDs28AroM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate
ki-cache-type: None
cf-ray: 735b18c14ef59070-FRA
x-edge-location-klb: 1
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 43ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-M28037773M&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18e32dabc0e5ea4eec2b24598742adb69d457b3440c452ed9457e71574370372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72292
x-xss-protection: 0
expires: Thu, 04 Aug 2022 23:33:12 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 301 KB
55 KB 38ms
10ms Script
application/javascript 99.86.4.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-23.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a36748707c0b45b1235bba73dc3ae3704ae9df49e2ec20744303830b1232c7d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:32:39 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 15:10:19 GMT
server: AmazonS3
age: 34
etag: W/"3719c549539b86d123ffb1220e16852e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: xJsdLjZV_O0T2h0ImIM_8Bdb-_Ow0mKjNItZqw01e1IU_LirwL3ZEw==

GET
H2 200 video-loader.js Show response
cdn.avantisvideo.com/avm/js/ 32 KB
11 KB 49ms
9ms Script
application/javascript 2600:9000:2057:9000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 04:58:59 GMT
content-encoding: gzip
last-modified: Sun, 29 May 2022 06:35:41 GMT
server: AmazonS3
age: 66854
etag: W/"d29171b34ea93548beb17fd35f5b439b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: o3_UP5DBpj34HIRp37PMEele1xlw3U13
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-type: application/javascript
x-amz-cf-id: 3FHfjkSDwBBK8qufOBaDeRVcDk3QP0nHwpss6UwcHZM3SUC3GteTKQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 33ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-105305343-4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e0a6271c3243718f5eff0ce604b230a09af01fa8d32abead1d69335739d20986

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41937
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 21:05:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 04 Aug 2022 23:33:12 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 217 B
646 B 52ms
15ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=untoldtea.com&callback=_gfp_s_&client=ca-pub-6830231157845370

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068758

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

883f1d80e8bef38387aea6c74988548fde94016179aab5c597f0f2cf94f86a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 66ms
16ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=untoldtea.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 65ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=untoldtea.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 23:33:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3236 240 KB
63 KB 400ms
384ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&adk=1812271804&adf=3025194257&lmt=1659655992&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funtoldtea.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655992493&bpp=5&bdt=849&idt=92&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6878584247776&frm=20&pv=2&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=107

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7172eed49d05b7e78f10a79d5e1cea25fc806cdd9f1449f4e8d67e1e83156a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 64070
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:12 GMT
expires: Thu, 04 Aug 2022 23:33:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B440 91 KB
32 KB 583ms
572ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655992&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655992498&bpp=2&bdt=854&idt=106&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=E1OzW0cFcF&p=https%3A//untoldtea.com&dtd=108

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adeb906aa5b03f24e5d4394a46c4338dab3d512884bd1415dbc55cca056c94bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33067
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105305343-4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1872
date: Thu, 04 Aug 2022 23:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 05 Aug 2022 01:02:00 GMT

GET
H2 200 abc.txt Show response
static.avantisvideo.com/data/ 11 KB
5 KB 84ms
21ms XHR
text/plain 2600:9000:214f:fa00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/abc.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:fa00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6552c939422a87fb5cd661a8766a245e4acb52dce36f216bd5a0670756ad60d1

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Aug 2022 13:29:52 GMT
content-encoding: gzip
last-modified: Thu, 04 Aug 2022 11:12:21 GMT
server: AmazonS3
age: 36200
etag: W/"0eaf272062f78e5a3f56b7bc18ab872f"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://untoldtea.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: DWcdO8U3bK6kV-K_LnEaRUvY12QKwv_f4bp0roHlsn4xCzaiHjy20g==
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 51ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-M28037773M&gtm=2oe830&_p=1494107614&_z=ccd.v9B&cid=1119513781.1659655993&ul=en-us&sr=1600x1200&_s=1&sid=1659655992&sct=1&seg=0&dl=https%3A%2F%2Funtoldtea.com%2F&dt=Untoldtea&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M28037773M&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://untoldtea.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
35 B 549ms
177ms Ping
text/plain 54.149.127.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: untoldtea.com
URL: https://untoldtea.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 27 KB
2 KB 11ms
11ms Stylesheet
text/css 99.86.4.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-23.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:32:40 GMT
content-encoding: gzip
last-modified: Tue, 28 Jun 2022 18:34:08 GMT
server: AmazonS3
age: 33
etag: W/"f3cd76bbdf477b890d940ce319bd1d16"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: 2yHDgmiGb988CMaUuwJDDHNkx-lw218PX41SIxuQIpR0boB0HuB3eg==

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 30ms
14ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1494107614&t=pageview&_s=1&dl=https%3A%2F%2Funtoldtea.com%2F&ul=en-us&de=UTF-8&dt=Untoldtea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1636691097&gjid=136154800&cid=1119513781.1659655993&tid=UA-105305343-4&_gid=1061434580.1659655993&_r=1&gtm=2ou830&z=1654125993

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://untoldtea.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 33ms
7ms Fetch 18.158.184.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.184.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-184-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 04 Aug 2022 23:33:12 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 29ms
7ms Fetch 18.158.184.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.158.184.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-158-184-65.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Thu, 04 Aug 2022 23:33:12 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
437 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105305343-4&cid=1119513781.1659655993&jid=1636691097&gjid=136154800&_gid=1061434580.1659655993&_u=YADAAUAAAAAAAC~&z=241816784

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 04 Aug 2022 23:33:12 GMT
content-type: text/plain
access-control-allow-origin: https://untoldtea.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 u_d.html Show response
cdn1.avantisvideo.com/connect/ Frame 7506 46 KB
17 KB 28ms
7ms Document
text/html 2600:9000:2057:9000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1.avantisvideo.com/connect/u_d.html
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51908
content-encoding: gzip
content-type: text/html
date: Thu, 04 Aug 2022 09:08:05 GMT
etag: W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified: Wed, 06 Apr 2022 12:25:53 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
x-amz-cf-id: SotZ_xcHH1TXGln7ZZoDyVaa-cvg3yK0ZCIWwrhjSrMuavViy2aB8Q==
x-amz-cf-pop: FRA6-C1
x-amz-version-id: dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache: Hit from cloudfront

GET
H2 200 geoip Show response
avm.avantisvideo.com/api/v1/ Frame 7506 174 B
926 B 155ms
154ms XHR
application/json 2600:9000:2057:0:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Requested by

Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:0:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

ab430a69ae897d182200a161304b596ecd8d325622c5d12c3757d215c83710cc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://cdn1.avantisvideo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA6-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Origin
content-length: 174
x-xss-protection: 0
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
date: Thu, 04 Aug 2022 23:33:13 GMT
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
access-control-allow-origin: https://cdn1.avantisvideo.com
access-control-allow-credentials: true
x-amz-cf-id: Cu_YHiFi6SVNQae4NS4tcfERIMI804JNbd1nNPrUhofr6bM3p3V4LQ==

OPTIONS
H2 204 geoip
avm.avantisvideo.com/api/v1/ Frame 0
0 197ms
149ms Preflight 2600:9000:2057:0:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/geoip

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:0:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://cdn1.avantisvideo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://cdn1.avantisvideo.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Thu, 04 Aug 2022 23:33:12 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-id: jur-kcEL-GoAjYMs8tRutYiTOWjTb5s0t3viqjm_eLloUS3EIDfj8g==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/ 150 KB
54 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208020101/reactive_library_fy2019.js?bust=31068758

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03f3e8acba3af50c94f1aa209e060f559da7c9c019c4c546750e74732a0bb971

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54860
x-xss-protection: 0
server: cafe
etag: 5719341153080759503
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 34ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=untoldtea.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=untoldtea.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 42E5 77 KB
24 KB 432ms
431ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JpbB7JEVt7&p=https%3A//untoldtea.com&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9701cf3a934cd516387c7ec2c3e76be8281c2e77594a8686361fe6df3bb8149b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24352
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D26 73 KB
30 KB 405ms
404ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f1abeccfa13c1f4fd7293731c9ad63ead54eecefa82e210be6fb301d23cc5e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30816
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B4C4 73 KB
30 KB 377ms
376ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee18b5c36b50a51aed6da67f5f3f494ef1bbf50fdb47e668cceb947072783b30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30888
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/ Frame 3801 10 KB
4 KB 8ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 02:44:04 GMT
etag: 8616628553774171045
expires: Thu, 18 Aug 2022 02:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/ Frame CFDE 10 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 74949
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 02:44:04 GMT
etag: 8616628553774171045
expires: Thu, 18 Aug 2022 02:44:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 3801 4 KB
636 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 23:29:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 23:33:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3801 205 B
742 B 30ms
7ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:09:46 GMT
x-content-type-options: nosniff
age: 1407
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Aug 2023 23:09:46 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3801 604 B
694 B 30ms
7ms Image
image/png 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:17:29 GMT
x-content-type-options: nosniff
age: 944
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Aug 2023 23:17:29 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/elements/html/ Frame 3801 23 KB
10 KB 46ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eab293839fb2aa5cfda5c6861bef235adf8127e9b7491caca48dc961a61d9b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:36:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3409
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9690
x-xss-protection: 0
server: cafe
etag: 12381306461416256465
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:36:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CFDE 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTF2HOFfsYrfmJpbd3wPkuLKgCpKD2cRqpNXLiN4P3tkeEAEgxc-AB2CVqpSCoAegAcqCuowDyAECqAMByAPJBKoEygFP0A2zJ_U3LLvyZLzWL0vKpi8H1Z7YzDm9jYLQCiRR6lfGXSNTmQ7g-l4HxG7acHBTLr8AOGAe-5nevZXxzvDBEweL9PXfKtJOKnfLLkaydP8390tDj0D45KKwhiiT6fJknUxtomhe8s2BBScsflSrlBWY_20IvpEdkwSJmVzONQxUrZ5gvdeDDxdEz_5z-TaKJvsWG4NpvMIFwSSS_tr5WPuhUPBX7e_6p0uBUaPrw9hxKj-gLP7sHj2trilA34aPWfEszy-s2gKBwASFmvCO9gKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGAoAHnv3Fc6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEIjQadIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTY4MzAyMzExNTc4NDUzNzAYAA&sigh=QhjdA6CpcZQ&uach_m=[UACH]

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame CFDE 23 KB
9 KB 40ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:54:30 GMT

GET
H2 200 5216727072881502078
tpc.googlesyndication.com/simgad/ Frame CFDE 25 KB
26 KB 46ms
15ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5216727072881502078?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkj7YnhVDrxu4d-SFFiTJlBdT-wuw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0902dec48fb1d266f487bb94062ca38bc26219c5a285ed0bd38b424d5f893e9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 11:40:19 GMT
x-content-type-options: nosniff
age: 42774
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25965
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 13:21:40 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Aug 2023 11:40:19 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame CFDE 3 KB
1 KB 45ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:08:57 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame CFDE 18 KB
8 KB 42ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:28:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFDE 139 KB
43 KB 67ms
18ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame CFDE 32 KB
13 KB 47ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93eb618958f10756353100afbcfc36ff0340c62467da3b14e221ca7e06fe44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13231
x-xss-protection: 0
server: cafe
etag: 3020276330867765820
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:59:37 GMT

GET
H2 200 video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 107 KB
34 KB 7ms
7ms Script
application/javascript 2600:9000:2057:9000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: Usl28QWcpcQuVgqctq_iPLAQIzTzuE9F
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 08:12:47 GMT
server: AmazonS3
age: 11808
etag: W/"7b1a9ceb08392f5edf168e210f7c817e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
date: Thu, 04 Aug 2022 20:16:26 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Uqxcj_qJDwm2MGegVIFEvNFWWnio7PDXSKqNI8NgTGm-XMmpx7i54Q==

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 177ms
176ms Ping
text/plain 54.149.127.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: untoldtea.com
URL: https://untoldtea.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 725B 8 KB
893 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 23:23:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 23:33:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 725B 2 KB
902 B 28ms
11ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:28:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame 725B 23 KB
9 KB 24ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:54:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 725B 3 KB
1 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:08:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 725B 18 KB
7 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:28:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 725B 139 KB
43 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 feee445475856395ba7fe4dbc8183291.js Show response
www.gstatic.com/mysidia/ Frame 725B 31 KB
13 KB 23ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/feee445475856395ba7fe4dbc8183291.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 20:45:35 GMT

GET
H2 200 t Show response
avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/ 2 KB
2 KB 155ms
153ms XHR
text/plain 2600:9000:2057:0:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Funtoldtea.com%2F&eu=true&country=DE&hour=23&amp=false

Requested by

Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:0:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7a0f1c6b1e996a2b0f7d70cfe22c8607569acc3ca480af1f703ec61ef7e1fd43

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA6-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding, Origin
x-xss-protection: 0
access-control-allow-origin: https://untoldtea.com
referrer-policy: no-referrer
x-frame-options: SAMEORIGIN
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/plain; charset=utf-8
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
access-control-allow-credentials: true
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: PQAg_KeVpp1Ld28HOZLjGEUVV2Tku6H1_lkloNGNKCnsO0ukdq7eTA==

OPTIONS
H2 204 t
avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/ Frame 0
0 150ms
145ms Preflight 2600:9000:2057:0:3:748e:7940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:0:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://untoldtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin: https://untoldtea.com
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date: Thu, 04 Aug 2022 23:33:13 GMT
expect-ct: max-age=0
referrer-policy: no-referrer
strict-transport-security: max-age=15552000; includeSubDomains
vary: Origin
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-id: u5c7pdUcw74yl7Z2KCeKPYnIaPHOLRPvN44Y7YeKu-X9FVSXBmGdCA==
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 e9729a99e2ce9704c0788d1ab658d164.js Show response
www.gstatic.com/mysidia/ Frame B440 12 KB
5 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655992&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655992498&bpp=2&bdt=854&idt=106&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=E1OzW0cFcF&p=https%3A//untoldtea.com&dtd=108

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4942
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 20:45:35 GMT

GET
H3 200 de03a69b80543f0fa8847e29147a30f0.js Show response
www.gstatic.com/mysidia/ Frame B440 11 KB
5 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4857
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 20:45:35 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B440 8 KB
893 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 22:50:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 23:33:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame B440 2 KB
902 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:28:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame B440 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:54:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame B440 3 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:08:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B440 139 KB
43 KB 141ms
123ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame B440 18 KB
7 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:28:39 GMT

GET
H3 200 feee445475856395ba7fe4dbc8183291.js Show response
www.gstatic.com/mysidia/ Frame B440 31 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/feee445475856395ba7fe4dbc8183291.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 20:45:35 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 208ms
207ms Ping
text/plain 54.149.127.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: untoldtea.com
URL: https://untoldtea.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 43DB 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:10:51 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 redir.html Show response
p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 310B 247 B
961 B 51ms
15ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

9fb54b145d89dc9591614a5be5851e004ff3a2675e3e8f64fd6e08068861147a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 203
content-security-policy-report-only: script-src 'nonce-V18eOrx2QCBWNjdaiMpCOA' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame CFDE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 54f11f4e5e9697be3e0f791d20e3ae0b13896d51ae162eb6b182f92a83fff3ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 redir.html Show response
p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame BB64 247 B
964 B 53ms
15ms Document
text/html 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

1d48cb198c6bea475b240ef7057d249022fd7ef972e2b288afe4567377d4f921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 205
content-security-policy-report-only: script-src 'nonce-vFkCMQ_RX4ZFUeCk8ERZNg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Mon, 02 Dec 2019 20:15:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B440 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ci324OFfsYoSJJ82KjuwPpsa4sAGTj_LkaovJ7pmJEK3K_d8FEAEgxc-AB2CVqpSCoAegAauo5c0DyAEBqQLwvK_uylyoPqgDAcgDywSqBMIBT9D3Qeeve8ELokD7j1CLgtMjRTtR7AXo65xP9MVO2RWvdZssjcBZ8ynJZ4bzo_mK-SmE_87dgfVLzvqJj7JcEzlHyMsIUxDHosqGjIaEn8_h2SftNuVTQTM6S1YTERE0SuyXkFhNbGE5kMq3PHfrNpn2DLLSjuUvyZ555H5iDI7sX8YrUredLNovOalEosHYWwjS1uzzqPRsii8do9s0siPuOdNU4F_I2kcW1s-3aUEihO0cezpJTtF73BBPLTz6cbTABPmt0cL8A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAe915oyqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQmocN0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=_fdG-G9gAIY&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655992&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655992498&bpp=2&bdt=854&idt=106&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=E1OzW0cFcF&p=https%3A//untoldtea.com&dtd=108
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A2C9 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655992&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655992498&bpp=2&bdt=854&idt=106&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=E1OzW0cFcF&p=https%3A//untoldtea.com&dtd=108
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:10:51 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe.html Show response
p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 310B 4 KB
2 KB 31ms
15ms Document
text/html 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

sffe /

Resource Hash

bcf128f880b3b04f494c4e5cef80fb77ed8fb1802caafbcb694c8e716f8a6855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1863
content-security-policy-report-only: script-src 'nonce-P9VxS0hSp0SmB5CTLGUiCg' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 43DB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

23ms
23ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A2C9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

39ms
39ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframe.html Show response
p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame BB64 4 KB
2 KB 31ms
15ms Document
text/html 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html

Requested by

Host: p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

8d66710e1b93cd4fd56f7578a750140c21a47970f80878a4687bcdec051420b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1862
content-security-policy-report-only: script-src 'nonce-GxLjGKMPNTJM8J72yXBiAw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
last-modified: Thu, 29 Apr 2021 21:38:00 GMT
pragma: no-cache
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B440 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdde197651bdc06e75ef5109137a696696ab3bef2073402e1ea94b858709c3bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame B440 28 KB
28 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 20:36:54 GMT
x-content-type-options: nosniff
age: 96979
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Aug 2023 20:36:54 GMT

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 316A 36 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 18:21:11 GMT

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame ABFE 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220803/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 18:21:11 GMT

GET
H3 200 7164377854568679750
tpc.googlesyndication.com/daca_images/simgad/ Frame B4C4 67 KB
67 KB 9ms
9ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/7164377854568679750

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d49dd59d227a3bf5a6bf0a15d5f29a29315df214d79adfe215d59acb8258957

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Sun, 31 Jul 2022 10:37:34 GMT
x-content-type-options: nosniff
age: 392139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68913
x-xss-protection: 0
last-modified: Mon, 20 Jun 2022 13:23:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 31 Jul 2023 10:37:34 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame B4C4 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:54:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame B4C4 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:08:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B4C4 139 KB
43 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame B4C4 18 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:28:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B4C4 0
0 34ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRgQjU-N7FYB_Jcs7V-s0WLeDspW1gY6e6OHIA2Zn0iVuNwqY-4Nk-xIko30Q0_tk5xRRug4JNTUr0JP-NSv-JMs1Ksxg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame B4C4 32 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93eb618958f10756353100afbcfc36ff0340c62467da3b14e221ca7e06fe44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13231
x-xss-protection: 0
server: cafe
etag: 3020276330867765820
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:59:37 GMT

GET
H3 200 9518514844926326451
tpc.googlesyndication.com/simgad/ Frame 5D26 9 KB
9 KB 17ms
16ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9518514844926326451?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlgvnCCGttXothj2rFvt125goPxRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f8f4a16467c23ae2fd8e0b94ffac451bd278f91551632c63a6a309f36af4b0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 22:55:07 GMT
x-content-type-options: nosniff
age: 88686
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9113
x-xss-protection: 0
last-modified: Fri, 03 Dec 2021 18:36:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 03 Aug 2023 22:55:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame 5D26 23 KB
9 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:54:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 5D26 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:08:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D26 139 KB
43 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 5D26 18 KB
7 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:28:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5D26 0
0 29ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMEuPJ6UeWWH6FT7f86NxqGtZoXG_HRnT2Hm1QDnpD0nyjmG9IEw7Bg_7g8JRhg2f2w6iWjVGQtKwSvxPubTkKy2VREg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 5D26 32 KB
13 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b93eb618958f10756353100afbcfc36ff0340c62467da3b14e221ca7e06fe44f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2016
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13231
x-xss-protection: 0
server: cafe
etag: 3020276330867765820
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:59:37 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 42E5 5 KB
667 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JpbB7JEVt7&p=https%3A//untoldtea.com&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Aug 2022 22:56:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 04 Aug 2022 23:33:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 42E5 2 KB
902 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:28:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3899
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:28:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/ Frame 42E5 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 22:54:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2323
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9503
x-xss-protection: 0
server: cafe
etag: 7252816286414963076
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 22:54:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 42E5 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:08:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1456
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:08:57 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 42E5 139 KB
43 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43822
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659527892023609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 23:33:13 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/ Frame 42E5 18 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 274
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7643
x-xss-protection: 0
server: cafe
etag: 5476907727954993956
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Aug 2022 23:28:39 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 42E5 0
0 20ms
15ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDDLeTaCRxdsCF_O-DTYrZPlZihiR-lxnk1vikoyHq9aK6GHetn2ndafc-XszTM9bVSW3xy_NUkKNVMs42QU-Nj3uMOg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JpbB7JEVt7&p=https%3A//untoldtea.com&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 feee445475856395ba7fe4dbc8183291.js Show response
www.gstatic.com/mysidia/ Frame 42E5 31 KB
13 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/feee445475856395ba7fe4dbc8183291.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 20:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 22:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Nov 2022 20:45:35 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B4C4 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CvtC9OVfsYuCKBoqQjuwPycCLiAiSg9nEaqTVy4jeD97ZHhABIMXPgAdglaqUgqAHoAHKgrqMA8gBAqgDAcgDyQSqBMoBT9AjtHJl58uBHe7ogH7ycTg8A3hNVUtXrQCjvGZC0N4ZYWwxL6SvrJQsse_gUqgQTfUk0rOLfxBLz5f9Q1QXXqpHikzcViflrwSAd7z4R4PFre7eF1sbr04IWBTUKgHgVkCFplGsdGR2thj6xQqD_Jc9wvYkPNxGxZm1L-_T78ir83bWIrshjVxkiDFk4IufsCJKZr6uiNak40r-in6XfLNp_kcaEJPDV2hwU0byOrHXyt9Sr15e6yv5wdInQXkgONnekRU0VGj4VcAEhZrwjvYCkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB579xXOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCqt6YB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=iT5dhoj_sxE&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D26 0
0 52ms
52ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfiYgOVfsYt7cBYz73gOQz7uoAf6TksRrv8vy3_4PCxABIMXPgAdglaqUgqAHoAGZjtnqAsgBAqgDAcgDyQSqBMgBT9ARnEbivB2SeyYc171xgW66vey7UCS7d9_pr4uqAaKKvDPGSB0aNrXIeLU2_cuy-lRTC6fDQ4gGWYoR3S-Z3BtIlmjoom6JvF5lq5WSG5vecHo2trM8IiREtqOaWJezm7jiGBXA2hKCSwOztUBjy5GRrs4Z0Ytl74PNAo_CgsgfI7JMnqphJMHemJSGDHInbcG0pL8CFom2H3FirrJRwJPu8DUoblA3y1WgR13GLYW3HvH23qxpwlBpW9cg5r0g7uEcU-B_1ObABJSgtfX5A5IFBAgEGAGSBQQIBRgEoAYCgAfs1PbpAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEILnc9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY4MzAyMzExNTc4NDUzNzAYAA&sigh=RShuR5AUcrw&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 2.0ea6592415db7f630eab-video-loader2.1-cr.js Show response
cdn.avantisvideo.com/js/ 30 KB
10 KB 8ms
7ms Script
application/javascript 2600:9000:2057:9000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/2.0ea6592415db7f630eab-video-loader2.1-cr.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1f1fc7cfed804a07a47bb11a080c3251688c4df62455d5b296eed2ff806b08ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: X0x1ohgLuQwdcmcojJpKQepQjoSaetGr
content-encoding: gzip
last-modified: Sun, 31 Jul 2022 08:12:46 GMT
server: AmazonS3
age: 23478
etag: W/"877651bae5882b405ee2d6c7879cc089"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
date: Thu, 04 Aug 2022 17:01:56 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: sCMHXORBDb29cgVoFhVjNsUQJSWqmZIV70LM_AEAaXghxc0WU5QyhQ==

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 81AB 36 KB
14 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 18:21:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 42E5 0
0 55ms
54ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFlQUOVfsYoj9BLuHjuwP3bypiAaesvGza8y-_JLuDubH3KvoDhABIMXPgAdglaqUgqAHoAHRnLqwAcgBBqkC6gQv0wImsT6oAwHIAwKqBNsBT9BxSYKzZo3eB3tYPfm3oEKmeRo7WOHO2ZeqzuquXhxo04XMRsu99TkGGau6pPTtGTRDpA-P_pZkKRVuARuyZe_FNnP4c_jJkY0-6ovCx5Z4KojD-MBZ4nvZhGh0alxjxSNepGRojFdt-Deo0k4roWf8ugV9E0-UWMezcLTLYDwFGxS1brXbZAeouZgenOrhPLzG-MsQLoprKvW7rWjhZrqN6vFdWUGnNTrqfi6VLn_prKJAqfavMWR2PgykiqJMX3cGpW7H384gToHGBrZP-n5tcuPqCorhRh0CwATf3_HG5gOSBQQIBBgBkgUECAUYBKAGN4AHl-PFzwKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQ9K4l0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAXQFQGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=fOdgTgm4qZo&uach_m=[UACH]&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JpbB7JEVt7&p=https%3A//untoldtea.com&dtd=11
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 42E5 9 KB
10 KB 46ms
7ms Image
image/jpeg 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQLzVQ7NcvjHTcfVEKy2r_FRRKC76NANu8TQ53eCVbi7YKH6TdWKRKsuG-yEUE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d0bfd8b8c9c82b9a3e4e613b3fd5c153b783da25cf91d8fdc2ee6b4e5e1c2d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Wed, 03 Aug 2022 13:14:09 GMT
x-content-type-options: nosniff
age: 123544
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9320
x-xss-protection: 0
last-modified: Sat, 23 Oct 2021 11:57:55 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 03 Aug 2023 13:14:09 GMT

GET
H3

200

13952197847798325392
tpc.googlesyndication.com/simgad/ Frame 42E5
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODApZPRswEQwAEYwAEyCC7civlwKD_W
https://tpc.googlesyndication.com/simgad/13952197847798325392

6 KB
6 KB

10ms
10ms

Image
image/jpeg

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13952197847798325392

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb597e59173d3b360375baf267516ba3be83c2f0465308a37954cf8cc65322f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 29 Jul 2022 13:30:05 GMT
x-content-type-options: nosniff
age: 554588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6210
x-xss-protection: 0
last-modified: Sun, 09 Jan 2022 16:57:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 29 Jul 2023 13:30:05 GMT

Redirect headers

date: Thu, 04 Aug 2022 07:29:24 GMT
x-content-type-options: nosniff
server: cafe
age: 57829
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/13952197847798325392
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 03 Sep 2022 07:29:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1BEB 143 B
163 B 7ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:10:51 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 873F 1 KB
749 B 8ms
8ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 21:34:15 GMT
etag: 48472445140208031
expires: Fri, 05 Aug 2022 21:34:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 945A 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1342
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:10:51 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1188 1 KB
749 B 8ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 21:34:15 GMT
etag: 48472445140208031
expires: Fri, 05 Aug 2022 21:34:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 36D1 1 KB
749 B 7ms
7ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7138
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 21:34:15 GMT
etag: 48472445140208031
expires: Fri, 05 Aug 2022 21:34:15 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 42E5 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8222630daeff1fc2ca2c6406081eb13440a9e76aba4fb1d3a70dfdad8664ce9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5D26 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fd0f852fccbd0829daa2589b4a4808c2d92bec037c1347e331a5fb7ad2f606e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK adb.js Show response
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 2 B
765 B 45ms
7ms Script
text/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/2.0ea6592415db7f630eab-video-loader2.1-cr.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62: 8096267
Date: Thu, 04 Aug 2022 23:33:13 GMT
X-GUploader-UploadID: ABg5-UyceNYD8FEdWQb3EsKqZxhyLaQsoF5fAeemPciJDGSGGF4ULfrcEwEz_akWP2UPcpXtifCcA1iL2DSxDFRze85Z1ot-ZA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 2
Last-Modified: Thu, 14 May 2020 13:22:36 GMT
Server: UploadServer
ETag: "56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash: crc32c=cz4mSA==
x-goog-generation: 1589462556858294
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type
Cache-Control: public, max-age=1800
x-goog-stored-content-length: 2
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Fri, 05 Aug 2022 00:03:13 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ Frame 42E5 44 KB
44 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Mon, 01 Aug 2022 23:10:25 GMT
x-content-type-options: nosniff
age: 260568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Aug 2023 23:10:25 GMT

GET
DATA 200
OK truncated
/ Frame B4C4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fc5e78ef0239bc569b79ced8ea77c5eab79567b7bd32d7a3b789f6f6739267e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 873F
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEKLCFiv6cbKrYYGbMJKvrGU&google_cver=1&google_push=AehlK4CVjKYz19Sxot1ZgadbgId1vMAxsbAnTEjjcp9JcL3q2RRlSYS8hu7rGA6sw5zin_ak9_tihbk1hDAx78pygYQnbXY_D1II8g
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CVjKYz19Sxot1ZgadbgId1vMAxsbAnTEjjcp9JcL3q2RRlSYS8hu7rGA6sw5zin_ak9_tihbk1hDAx78pygYQnbXY_D1II8g&google_hm=Q0FFU0VLTENGaXY2Y2J...

170 B
188 B

33ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CVjKYz19Sxot1ZgadbgId1vMAxsbAnTEjjcp9JcL3q2RRlSYS8hu7rGA6sw5zin_ak9_tihbk1hDAx78pygYQnbXY_D1II8g&google_hm=Q0FFU0VLTENGaXY2Y2JLcllZR2JNSkt2ckdV

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 23:33:13 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4CVjKYz19Sxot1ZgadbgId1vMAxsbAnTEjjcp9JcL3q2RRlSYS8hu7rGA6sw5zin_ak9_tihbk1hDAx78pygYQnbXY_D1II8g&google_hm=Q0FFU0VLTENGaXY2Y2JLcllZR2JNSkt2ckdV
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 873F 0
98 B 41ms
15ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4DsT8OqXfi-MCoQyuvJy24YbZziANivHGxQBysvjRRFs_WM3TrsBnriigWIMoOrsu_i9sE42xGaOfmIiH3_Ve_x5K2gDjseNQ&google_gid=CAESELGAVvEXCBbltoTVjdxNyns&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 873F 43 B
356 B 46ms
16ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEGDJ0XB0G6T_mGEg3FBLxsg&google_push=AehlK4DStI6MYEbEIsXYOdGX4PJMr0-UdkZELOojVmuQx_HcWrYWKw-SUA42dG33DNVtW6l3EiKGoUweDYvGRCnc2uiXgYYkAPD7&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 873F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGJmUmrh5uMxWGyrLgzzlAI&google_cver=1&google_push=AehlK4AeFI74m72znwrebN_jC2-HZl834C1s8PGysBa3VR8jAuqBQEUMkkUJSpYt-d7eOh-aq8n...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUItMi1DMVhN&google_push=AehlK4AeFI74m72znwrebN_jC2-HZl834C1s8PGysBa3VR8jAuqBQEUMkkUJSpYt-d7eOh-aq8nWyuMNx3VISJ4vk23v71hbmZ5AWQ

170 B
188 B

33ms
19ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUItMi1DMVhN&google_push=AehlK4AeFI74m72znwrebN_jC2-HZl834C1s8PGysBa3VR8jAuqBQEUMkkUJSpYt-d7eOh-aq8nWyuMNx3VISJ4vk23v71hbmZ5AWQ

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUItMi1DMVhN&google_push=AehlK4AeFI74m72znwrebN_jC2-HZl834C1s8PGysBa3VR8jAuqBQEUMkkUJSpYt-d7eOh-aq8nWyuMNx3VISJ4vk23v71hbmZ5AWQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 873F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPHVYVAZ5NFzHzpo9BZFeT4&google_cver=1&googl...
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEPHVYVAZ5NFzHzpo9BZFeT4&google_push=AehlK4CvS...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuxXOUdz2XGRm2Mh88GdCwAABIkAAAIB&google_cver=1&google_push=AehlK4CvSNCaXaWX9vHajKixOi2ab7FQ7wyOeEBdUmUZW1A7pDu1X8iEQYrxNgelLWrx5_U0TFG4...

170 B
188 B

17ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuxXOUdz2XGRm2Mh88GdCwAABIkAAAIB&google_cver=1&google_push=AehlK4CvSNCaXaWX9vHajKixOi2ab7FQ7wyOeEBdUmUZW1A7pDu1X8iEQYrxNgelLWrx5_U0TFG4WAGjPOHY6Jo9rPAu3Ef9OWD6Pg&google_gid=CAESEPHVYVAZ5NFzHzpo9BZFeT4

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

cf-ray: 735b18ca4d5e9968-FRA
pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NY0vwQeSN6O0zH58IyJp6LHydthMqMEIb4JNSMxkXruXmgCU3iA2jJXQzkuMwsKLRUDxpg%2FMnT5Uql%2FqMQheHxTUIsAnYZ%2F2vyDAeMw%2FxQ47sgn9ibuJPgGXiqvdKtY%2F9RcC"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuxXOUdz2XGRm2Mh88GdCwAABIkAAAIB&google_cver=1&google_push=AehlK4CvSNCaXaWX9vHajKixOi2ab7FQ7wyOeEBdUmUZW1A7pDu1X8iEQYrxNgelLWrx5_U0TFG4WAGjPOHY6Jo9rPAu3Ef9OWD6Pg&google_gid=CAESEPHVYVAZ5NFzHzpo9BZFeT4
cache-control: no-cache
content-type: text/html; charset=iso-8859-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 873F 43 B
297 B 161ms
21ms Image
image/gif 2a05:d01c:1d8:8100:ef96:9ea8:1cfe:fd9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGmeeAxPAU0jovxDcxAii3A&google_cver=1&google_push=AehlK4DECotRTpbeVOjRctSbUE0FgjwNPnrRZrjssg8m2_dN3Eos4GU_htIwjtnUU-80RlAoABwEOlCWmxKfAzz86C6-PsS4YVI7
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=1&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=e6bPrJzQaI&p=https%3A//untoldtea.com&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:ef96:9ea8:1cfe:fd9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 873F 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 873F 0
223 B 53ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LMRjhnEytPL2Igvo0YpRsKfSunBtZCflViv71qmpIcFt_0ai2mCeR6tXvb3qyn2SBs3JvGgg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1188
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEK6I06-NnxsjZSArb9yVIhg&google_cver=1&google_push=AehlK4AXTibiTFLaF6FVYJVvAhAK-4hJjQLiFqWfap7u-KjAg-tUvboAnqmyQ3q8fJniPBvIYwg0ATMr5IzxKGLpt1YhwVjhCXI-_w
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AXTibiTFLaF6FVYJVvAhAK-4hJjQLiFqWfap7u-KjAg-tUvboAnqmyQ3q8fJniPBvIYwg0ATMr5IzxKGLpt1YhwVjhCXI-_w&google_hm=Q0FFU0VLNkkwNi1Obnh...

170 B
188 B

33ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AXTibiTFLaF6FVYJVvAhAK-4hJjQLiFqWfap7u-KjAg-tUvboAnqmyQ3q8fJniPBvIYwg0ATMr5IzxKGLpt1YhwVjhCXI-_w&google_hm=Q0FFU0VLNkkwNi1ObnhzalpTQXJiOXlWSWhn

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 23:33:13 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AXTibiTFLaF6FVYJVvAhAK-4hJjQLiFqWfap7u-KjAg-tUvboAnqmyQ3q8fJniPBvIYwg0ATMr5IzxKGLpt1YhwVjhCXI-_w&google_hm=Q0FFU0VLNkkwNi1ObnhzalpTQXJiOXlWSWhn
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 1188 0
42 B 32ms
16ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4CZ2pWm5rThvP5g8EflyIxbk_apGhnpND7sVwSGBzirU00LefLi7kVcCdSESsUtjF8gKUAAwSPJ0bbUsoEVeYAj4qb7S_v1WA&google_gid=CAESENEceJ2_ABuM2upzt8rrl7c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1188
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CUaAJP...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4CUaAJP...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MDQyMzMzMTQwMDA1NzA4MTAxMjA4MQ%3D%3D&google_push=AehlK4CUaAJPzCIhTHS9FoMo4y4scn5chxITj8zWi_V5Y6e9RvBLcRb7v9244fWG4mqYxe...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MDQyMzMzMTQwMDA1NzA4MTAxMjA4MQ%3D%3D&google_push=AehlK4CUaAJPzCIhTHS9FoMo4y4scn5chxITj8zWi_V5Y6e9RvBLcRb7v9244fWG4mqYxeAlcfNd0Shs8PqY_ZdLJ34vM_mcBMqZ

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MDQyMzMzMTQwMDA1NzA4MTAxMjA4MQ%3D%3D&google_push=AehlK4CUaAJPzCIhTHS9FoMo4y4scn5chxITj8zWi_V5Y6e9RvBLcRb7v9244fWG4mqYxeAlcfNd0Shs8PqY_ZdLJ34vM_mcBMqZ
pragma: no-cache
date: Thu, 04 Aug 2022 23:33:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 04 Aug 2022 23:33:14 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 1188 43 B
106 B 37ms
17ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEBMB9GOYERyudMQr95RvzXQ&google_push=AehlK4Dlz82NChvx5ogkXuJpf2OxyrtOVnSuFoJohjVtpWY7T0Yey8MKzDvBVjLi_Nk4d8JBmX4yc7EJGX9FlW7b1xKDd1-uhiRYWg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 1188 43 B
134 B 40ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEMEw1XDT4i1p_MogzuksFZk&google_cver=1&google_push=AehlK4Ad8ENv8V_LxK8ZwVA0yirr8oJCgHtCP1FGsD9vroofelcx9CYFsqkYp6QxGIXnpI1yzvCfRJviv7Fgil4qE--zrKNjrgnkjA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=yDM1MRXydL&p=https%3A//untoldtea.com&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 9sgo6loq0gj0sklot6v2846ds2g3dhs7

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1188
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEA3X62OzDEmMNz_c5G67V8M&google_cver=1&google_push=AehlK4BdWuAdQ86G-dshC6_D3S6rdvUScTi9tYAV2SW3GXPkAcsnel6UI5mDqU60YzDRNnEhvf_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUItTC1JNlRO&google_push=AehlK4BdWuAdQ86G-dshC6_D3S6rdvUScTi9tYAV2SW3GXPkAcsnel6UI5mDqU60YzDRNnEhvf_WQz8fiYXyBJyYcywLNoZcGDdM

170 B
188 B

32ms
19ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUItTC1JNlRO&google_push=AehlK4BdWuAdQ86G-dshC6_D3S6rdvUScTi9tYAV2SW3GXPkAcsnel6UI5mDqU60YzDRNnEhvf_WQz8fiYXyBJyYcywLNoZcGDdM

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUItTC1JNlRO&google_push=AehlK4BdWuAdQ86G-dshC6_D3S6rdvUScTi9tYAV2SW3GXPkAcsnel6UI5mDqU60YzDRNnEhvf_WQz8fiYXyBJyYcywLNoZcGDdM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame 1188 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 1188 0
49 B 44ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LLsVK2Ykeby33_lnOBhvyf3UABOuyrrlCGStVefIyPr0Gnw8dDDqYSVfnyvdDvoQUJbonABg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame 36D1 35 B
463 B 44ms
7ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJfedM30vCb1l5diJmNbdDM&google_cver=1&google_push=AehlK4Dj9TeTfHHmno1hdL9_EoMeCnpHWPoSb9YJJ3ZFsvCL6GE0XBLa-ghStJHS2v90lFJzQEQcuaD_0LYgqhLP-VL4ZAdo-Q

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36D1
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEIXzTwAhqGsUnubhu6VBsFs&google_cver=1&google_push=AehlK4Aj0Hszi7-l0RD9DC4nFk8xYWYUjEcHcNgibBKjEtMoMsfxOtyJR0SVHXJJp8lZwbDgLtrkYkhA5LymAm7p0qKO-ugMad0
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4Aj0Hszi7-l0RD9DC4nFk8xYWYUjEcHcNgibBKjEtMoMsfxOtyJR0SVHXJJp8lZwbDgLtrkYkhA5LymAm7p0qKO-ugMad0&google_hm=Q0FFU0VJWHpUd0FocUdzVW...

170 B
188 B

31ms
16ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4Aj0Hszi7-l0RD9DC4nFk8xYWYUjEcHcNgibBKjEtMoMsfxOtyJR0SVHXJJp8lZwbDgLtrkYkhA5LymAm7p0qKO-ugMad0&google_hm=Q0FFU0VJWHpUd0FocUdzVW51Ymh1NlZCc0Zz

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 04 Aug 2022 23:33:13 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4Aj0Hszi7-l0RD9DC4nFk8xYWYUjEcHcNgibBKjEtMoMsfxOtyJR0SVHXJJp8lZwbDgLtrkYkhA5LymAm7p0qKO-ugMad0&google_hm=Q0FFU0VJWHpUd0FocUdzVW51Ymh1NlZCc0Zz
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36D1
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DoV2lQ...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DoV2lQ...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MDQyMzMzMTQwMDAxODMwNjY2MDQxMA%3D%3D&google_push=AehlK4DoV2lQbZay4v9lr2U81ChFvzfTxLLZ1yBS0Oh7if4RAR1msoD4l5LrCgzMPT2zxJ...

170 B
188 B

18ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MDQyMzMzMTQwMDAxODMwNjY2MDQxMA%3D%3D&google_push=AehlK4DoV2lQbZay4v9lr2U81ChFvzfTxLLZ1yBS0Oh7if4RAR1msoD4l5LrCgzMPT2zxJ-UqgPjP_4Hj6tRugOSCV-95GlOLz8

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MDQyMzMzMTQwMDAxODMwNjY2MDQxMA%3D%3D&google_push=AehlK4DoV2lQbZay4v9lr2U81ChFvzfTxLLZ1yBS0Oh7if4RAR1msoD4l5LrCgzMPT2zxJ-UqgPjP_4Hj6tRugOSCV-95GlOLz8
pragma: no-cache
date: Thu, 04 Aug 2022 23:33:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Thu, 04 Aug 2022 23:33:14 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 36D1 43 B
350 B 30ms
16ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJITELJN01GH9fHynTha5f8&google_cver=1&google_push=AehlK4Cn2S58IFDLVrjjafmJ7zxiROzCyNqmTFAHLWjylGidlGnpQZfz1zCpMH4LokhoOzlanGApA4q4JX07ACUBgR5RdoPNn-k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JpbB7JEVt7&p=https%3A//untoldtea.com&dtd=11
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: vrdld3t486m8sesrp3d5cgf9s87csrtp

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 36D1 0
166 B 76ms
13ms Image
text/html 198.47.127.19
GTT-BACKBONE GTT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGzEj0So3tCBkn6PFwww4no&google_cver=1&google_push=AehlK4Dwz_ACQGsSlIEC2t9IAf2hMF6NIBhKhCmsyQf1hnLfH1Fz8LCEmQLMGnObPCj8kXXhirurhHenJ1by7Ek1O5bRqPxbR2E
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1659655993&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1659655993051&bpp=1&bdt=1407&idt=-M&shv=r20220803&mjsv=m202208020101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D876ac8baea6d5491-2246a755e6cd00d4%3AT%3D1659655992%3ART%3D1659655992%3AS%3DALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA&prev_fmts=0x0%2C1200x280&nras=3&correlator=6878584247776&frm=20&pv=1&ga_vid=1119513781.1659655993&ga_sid=1659655993&ga_hid=1494107614&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C31068758%2C42531606%2C31068721&oid=2&pvsid=264957734374039&tmod=54348768&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=JpbB7JEVt7&p=https%3A//untoldtea.com&dtd=11
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36D1
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJNJJ1-v3bCQNgBYPl7xIJs&google_cver=1&google_push=AehlK4DNUsgrbFLlegmWSAccqULh4DUnmiiHV-QVf0mBFdKFqopf7gaFM135ZKAS1Gytg6b500u...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUMtMUMtSlZBVw==&google_push=AehlK4DNUsgrbFLlegmWSAccqULh4DUnmiiHV-QVf0mBFdKFqopf7gaFM135ZKAS1Gytg6b500uVF3tAIMpROD3YeuEH5-dFkSI

170 B
188 B

32ms
19ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUMtMUMtSlZBVw==&google_push=AehlK4DNUsgrbFLlegmWSAccqULh4DUnmiiHV-QVf0mBFdKFqopf7gaFM135ZKAS1Gytg6b500uVF3tAIMpROD3YeuEH5-dFkSI

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZGT0JTUUMtMUMtSlZBVw==&google_push=AehlK4DNUsgrbFLlegmWSAccqULh4DUnmiiHV-QVf0mBFdKFqopf7gaFM135ZKAS1Gytg6b500uVF3tAIMpROD3YeuEH5-dFkSI
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 36D1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECotQTKeA8bOVyofOIwEJ14&google_cver=1&googl...
https://r.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESECotQTKeA8bOVyofOIwEJ14&google_push=AehlK4Cyq...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuxXOUdz2XGRm2Mh88GdCwAABIkAAAIB&google_cver=1&google_push=AehlK4Cyq3-5IV51eeeLtu85SZzr6rVk2eGgzuelYZAA4whHb0gGlRmDx6D89sxqUWsoJjRr3DcY...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuxXOUdz2XGRm2Mh88GdCwAABIkAAAIB&google_cver=1&google_push=AehlK4Cyq3-5IV51eeeLtu85SZzr6rVk2eGgzuelYZAA4whHb0gGlRmDx6D89sxqUWsoJjRr3DcYoZQcp0kSSH2RfZWwfmNttGc&google_gid=CAESECotQTKeA8bOVyofOIwEJ14

Requested by

Host: untoldtea.com
URL: https://untoldtea.com/

Protocol

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

cf-ray: 735b18ca4d5d9968-FRA
pragma: no-cache
date: Thu, 04 Aug 2022 23:33:13 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cHGRdk34ddHzB84mYi%2BRwHB2kMr5uO82xePsB%2FwO38rnEDsKJH6y%2Foyf7A85Kx9B%2Bzhy61gKtXLQVhnq%2FmyvcX4Nkg75y5sWqsilxHqrpEByZXEksJSxPWnRZDjQS7OOSu9L"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YuxXOUdz2XGRm2Mh88GdCwAABIkAAAIB&google_cver=1&google_push=AehlK4Cyq3-5IV51eeeLtu85SZzr6rVk2eGgzuelYZAA4whHb0gGlRmDx6D89sxqUWsoJjRr3DcYoZQcp0kSSH2RfZWwfmNttGc&google_gid=CAESECotQTKeA8bOVyofOIwEJ14
cache-control: no-cache
content-type: text/html; charset=iso-8859-1
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 36D1 0
49 B 35ms
15ms Image
text/html 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ITfSC0bHpmd2aFpu9R_GtIlevYVAK4ZF9-chbiIRNcjAL6vuzPSc5fi5U0fB69CqoTzZuH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1BEB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

24ms
23ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 1FC3 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 18:21:11 GMT

GET
H2 200 avcplayer_2_89.js Show response
cdn.avantisvideo.com/js/ 279 KB
63 KB 7ms
7ms Script
application/javascript 2600:9000:2057:9000:1c:38a0:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c412419bd084f758e76a6dde939c0f2d5a92a4b46f5cb3662c223dc1321dc8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: WJ3jJPCCM3aAkcwTY.vegsvtShd_34Wm
content-encoding: gzip
last-modified: Wed, 13 Apr 2022 11:56:10 GMT
server: AmazonS3
age: 64039
etag: W/"c6be89ee3bd8da9b1dbb4115606e1bbd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 baa5702f7bd64fcbae1e3bd950d9a244.cloudfront.net (CloudFront)
date: Thu, 04 Aug 2022 05:45:55 GMT
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: mfiVPMotpa_XFtcwDxptBn6dfuXAYfmNPnBSGDz6ZjHnaD5I50Hheg==

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 945A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

38ms
38ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:13 GMT
expires: Thu, 04 Aug 2022 23:33:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 04 Aug 2022 23:33:13 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame F3FA 36 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 18:21:11 GMT

GET
H2 200 ins.txt Show response
static.avantisvideo.com/data/ 28 KB
4 KB 11ms
11ms XHR
text/plain 2600:9000:214f:fa00:8:9ed9:9c40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.avantisvideo.com/data/ins.txt
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:fa00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: da45ba0d70deb9fb60469491a48b8d3c35de86919a7a3a50a63f439e622321e4

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 04 Aug 2022 23:32:41 GMT
content-encoding: gzip
last-modified: Wed, 30 Mar 2022 08:05:53 GMT
server: AmazonS3
age: 33
etag: W/"15dd250762ab54d6ff995255934ac6fe"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: text/plain
access-control-allow-origin: https://untoldtea.com
access-control-allow-credentials: true
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: v7SkLhKQs1lJNBjHoRJJ4P576fQCQmtzWK6w7Z59nB4yobl1fMHDiw==
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)

GET
H2 200 hls.min.js Show response
player.avplayer.com/script/2/2.55/libs/ 247 KB
71 KB 60ms
8ms Script
application/javascript 2a02:26f0:3500:c::5c7b:6822
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:6822 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdstGGWlRWBPv-OjQ_DsB2viQXPeOr9Add0S6VJCJzI7h5mXi-i4HrWI9P6NrNzuEn0d6eK4T7keIp7lMG_cWg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 71831
last-modified: Sun, 10 Jan 2021 14:52:52 GMT
server: UploadServer
etag: "7888b98658e8cef4a98786556ccdab66"
vary: Accept-Encoding
x-goog-hash: crc32c=vMWMIg==
content-language: en
x-goog-generation: 1610290372874389
cache-control: public, max-age=300
x-goog-stored-content-length: 71831
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 04 Aug 2022 23:38:14 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 385 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 240 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 AVmanager.js Show response
player.aniview.com/script/6.1/ Frame E54F 387 KB
110 KB 30ms
8ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Requested by: Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4c84a9ea220f42a24f4f358b99ce4589d21c4d340e28d6cb6d2558d4f47bf4b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvRVgc6ipBrt2f6KM4RPDRRQ8j2Dy7XOCng7EI8YBuV57H-kKxPXSe3ng6PS7NU23DTHmzKf-H0m2ZYM4wzE_mDgw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 111632
last-modified: Sun, 31 Jul 2022 06:08:10 GMT
server: UploadServer
etag: "273cbc4833172202c70c8ed03f20be3a"
vary: Accept-Encoding
x-goog-hash: crc32c=/LSAzg==, md5=Jzy8SDMXIgLHDI7QPyC+Og==
x-goog-generation: 1659247690099252
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 111632
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 04 Aug 2022 23:38:14 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 300ms
94ms Image
text/plain 52.0.187.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?r=untoldtea.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.40&apppkg=&fv=3&proto=https&pid=61027ad23e194874003ad256&cid=61067b580d5316705a4e4044&stagid=&stplid=&e=inventory&vi=3&cb=1659655994127
Requested by: Host: untoldtea.com
URL: https://untoldtea.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.187.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-187-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 / Show response
go1.aniview.com/api/adserver/tag/ 5 KB
2 KB 354ms
144ms XHR
application/json 54.145.157.73
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Funtoldtea.com%2F&AV_VIDEOURL=https%3A%2F%2Fcontent1.avantisvideo.com%2Fhls%2Fenvironment_01.m3u8%3Fid&tid=1&d=desktop&i=0&cc=DE&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=61027ad23e194874003ad256&AV_CHANNELID=61067b580d5316705a4e4044&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=untoldtea.com&AV_DADPOS=3&d36=6.2.40&responsive=1&sver=2&avtoken=994126&omv=1.0.1&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1659655994162
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.145.157.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-145-157-73.compute-1.amazonaws.com
Software: /
Resource Hash: 84e8a9c002d0a0c48eda066830c88113a365f12514aa53362382d4e0bd626e50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://untoldtea.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Sun, 24 Jul 2022 09:46:34 GMT

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 177ms
177ms Ping
text/plain 54.149.127.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Requested by: Host: untoldtea.com
URL: https://untoldtea.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT

GET
H2 200 environment_01.m3u8 Show response
content1.avantisvideo.com/hls/ 20 KB
4 KB 639ms
601ms XHR
application/x-mpegurl 2600:9000:2057:9000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/environment_01.m3u8?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e220666c7e2ad9897caf9c87af3302d00f5383da329649148beb3ede661a9da5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:15 GMT
content-encoding: gzip
last-modified: Tue, 02 Nov 2021 08:58:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
etag: W/"be5d4ac68718a60b6bd4dcb4a418818d"
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
x-amz-version-id: lrqjKoBfLYVwzWzCP76XybKNrKukI.5s
access-control-allow-origin: https://untoldtea.com
access-control-allow-credentials: true
x-cache: Miss from cloudfront
content-type: application/x-mpegURL
x-amz-cf-id: dM2UN7nwQm3Ovvrz-ljtI_dwXoH9wO3zWDNlcOj5nWCSCdCttLw12Q==
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 47ms
28ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220803&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f69f16bf5953b63a71be318fe9bc73e5c7e4d4bb67be6d36071bca3882d905e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Aug 2022 23:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10818
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 04 Aug 2022 23:33:14 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame CFDE 42 B
64 B 46ms
43ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst7HhVBLABXpuAxUdBhQwfHz4_5hlIJNrksbxFsmelx4_0n2evEp-lYlXzQSyFhzWCGUOAfU_I3sBVZrBpzcwLYXTut5yQKmIT3R0in11Ph8pVAVXJwpVShBVhqO0v0k-WyFsjsf1zcxn3F&sai=AMfl-YQUtn9lbeqZF3-Y63EtiA2rmC3sFXlEypG1gOV9kDXQefFdeqoz5A0j-ttJBpglvJlfr4QHE2oAI1Du&sig=Cg0ArKJSzNvFl_6OTDWvEAE&id=lidar2&mcvt=1004&p=0,0,124,1005&mtos=100,687,1004,1135,1231&tos=100,587,317,131,96&v=20220803&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659655993102&rpt=161&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiesyncendpoint Show response
sync.aniview.com/ Frame BA53
Redirect Chain

https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1659655994461-925059311695-006756-001-002125%26biddername%3D55%26key%3D%24UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1659655994461-925059311695-006756-001-002125%2526biddername%253D55%2526key%253D%...
https://sync.aniview.com/cookiesyncendpoint?auid=1659655994461-925059311695-006756-001-002125&biddername=55&key=764224119432732910

0
214 B

314ms
99ms

Document
text/plain

52.70.17.67
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aniview.com/cookiesyncendpoint?auid=1659655994461-925059311695-006756-001-002125&biddername=55&key=764224119432732910
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.17.67 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-17-67.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
date: Thu, 04 Aug 2022 23:33:14 GMT

Redirect headers

AN-X-Request-Uuid: 72ed9679-5520-421a-89d9-7d9cc0b3798f
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Thu, 04 Aug 2022 23:33:14 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://sync.aniview.com/cookiesyncendpoint?auid=1659655994461-925059311695-006756-001-002125&biddername=55&key=764224119432732910
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 81.95.5.41; 81.95.5.41; 957.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2 200 avpb6.27.0.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame E54F 178 KB
54 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtlYk3Fs7SyKH1T77iaNMqaxZjG_njyTGMvtRuM9yr38bnnflevgXhd0f0baUulctJ5O2sOS2Kt2AggMFWmA1FLll7v7JtA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 54791
last-modified: Sun, 31 Jul 2022 06:08:10 GMT
server: UploadServer
etag: "9eb98c5a864747e02d6e178f4db4e041"
vary: Accept-Encoding
x-goog-hash: crc32c=jNPpDA==, md5=nrmMWoZHR+AtbhePTbTgQQ==
x-goog-generation: 1659247690684300
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 54791
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 04 Aug 2022 23:38:14 GMT

GET
H2 200 avpb6.27.0a1.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame E54F 71 KB
22 KB 10ms
9ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtHB8FxP9Oq_MFy20BQJdubvIHsn_q2iA3345y_wIATSncdm_dydm8EhN4xCot_COmOXH1ZXoiHQoHsM-OIMlE4
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 22126
last-modified: Sun, 31 Jul 2022 06:08:10 GMT
server: UploadServer
etag: "7ef4f855b592425d37eaac016ee1b394"
vary: Accept-Encoding
x-goog-hash: crc32c=h4ar1g==, md5=fvT4VbWSQl036qwBbuGzlA==
x-goog-generation: 1659247690842038
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 22126
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 04 Aug 2022 23:38:14 GMT

GET
H2 200 avpb6.27.0a2.js Show response
player.aniview.com/script/6.1/libs/prebid/ Frame E54F 68 KB
21 KB 11ms
10ms Script
application/javascript 2a02:26f0:3500:595::2c79
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a2.js
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 4ec27c706ee75280240d7212b5194c09facc6c8e00272d0d764320aef7ac1976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvj0PwS7k2j08E0A6NKr5VOX9dm-n4nH5Bbs_P-YV9wCiMtTev6ZDbyMe1GZWwpJkgCMlh9xgIVHLotlmeLBHZhjSH_CmgT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 20613
last-modified: Sun, 31 Jul 2022 06:08:11 GMT
server: UploadServer
etag: "1b0dc32f78d604fd3c97a512d3552448"
vary: Accept-Encoding
x-goog-hash: crc32c=iQH1Rg==, md5=Gw3DL3jWBP08l6US01UkSA==
x-goog-generation: 1659247690855638
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=300
x-goog-stored-content-length: 20613
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 04 Aug 2022 23:38:14 GMT

GET
H2 200 track
track1.aniview.com/ 0
70 B 94ms
93ms Image
text/plain 52.0.187.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=97615&t=1659655994&cip=81.95.5.41&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1659655994461-925059311695-006756-001-002125&cha=0.7&stagid=&stplid=&d35=&d36=6.2.40&cb=89555525523&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=61027ad23e194874003ad256&nid=59918a0e073ef4782e4e347f&pcid=61067b580d5316705a4e4044&ncid=5d4aab3928a06112b42d3a48&pasid=61067aa179532c5124764e75&e=request&cb=1659655994538&asid=62bbf7673eb23545e442ec84%2C62bbf76153127b16df63a515&ofpr=2.92%2C2.42&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.187.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-187-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8F37 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 15668
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 19:12:06 GMT
expires: Fri, 04 Aug 2023 19:12:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5FFC 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

81773b58f083c45949cd2403afdd57f1201882205e47c83dfd9cad43f12c84c5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GkiHSnLfUg0BfaXC-SlPdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-GkiHSnLfUg0BfaXC-SlPdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 04 Aug 2022 23:33:14 GMT
expires: Thu, 04 Aug 2022 23:33:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 73ms
9ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://untoldtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://untoldtea.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 04 Aug 2022 23:33:14 GMT
server: ATS/9.1.0.46

POST
H2 204 / Show response
hb.emxdgt.com/ 0
157 B 42ms
10ms XHR
text/plain 54.93.158.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=7000&ts=1659655994575&src=pbjs
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.158.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-158-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://untoldtea.com
date: Thu, 04 Aug 2022 23:33:14 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
192 B 35ms
18ms XHR
text/plain 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://untoldtea.com
date: Thu, 04 Aug 2022 23:33:14 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B440 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvhcR9sQxXjVy1pJdPgTJESyG1Tvhhix4hkfnk9DQwauMcOeACk7ry4tRLLWfdDV0aprb1d23K8GonouZEyAWczDjiNcvrLgu4jONiyWxY8BBPvgSJll_5HQeST-IgZmdxhSmLcLHjUM-zN&sai=AMfl-YTeqtkZX15fw9QX7nY09sJV7uQx7Drn3QJC1m4gFEtXd5N5TlG9X861JVyKG4aUtuQt1QaTNRJcU8yQ&sig=Cg0ArKJSzE-yPd_kUF3yEAE&id=lidar2&mcvt=1006&p=0,0,280,1200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220803&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1659655992607&rpt=961&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Aug 2022 23:33:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5FFC 0
0 42ms
42ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220803&jk=264957734374039&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H3 200 3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F37 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 18:21:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14039
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Aug 2023 18:21:11 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8F37 0
9 B 7ms
7ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?mOBMFg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 176ms
176ms Ping
text/plain 54.149.127.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT

OPTIONS
H2 200 PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 0
0 10ms
10ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://untoldtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://untoldtea.com
access-control-max-age: 600
age: 0
content-length: 0
date: Thu, 04 Aug 2022 23:33:14 GMT
server: ATS/9.1.0.46

GET
H2 200 track
track1.aniview.com/ 0
70 B 94ms
94ms Image
text/plain 52.0.187.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=97615&t=1659655994&cip=81.95.5.41&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1659655994461-925059311695-006756-001-002125&cha=0.7&stagid=&stplid=&d35=&d36=6.2.40&cb=89555525523&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=61027ad23e194874003ad256&nid=59918a0e073ef4782e4e347f&pcid=61067b580d5316705a4e4044&ncid=5d4aab3928a06112b42d3a48&pasid=61067aa179532c5124764e75&e=request&cb=1659655994701&asid=62bbf7673eb23545e442ec84%2C62bbf76153127b16df63a515&ofpr=2.92%2C2.42&fpo=%2C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.187.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-187-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

POST
H2 204 PBJS Show response
c2shb.pubgw.yahoo.com/admax/bid/partners/ 0
19 B 70ms
70ms XHR
text/plain 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.0.46 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://untoldtea.com
date: Thu, 04 Aug 2022 23:33:14 GMT
access-control-allow-credentials: true
server: ATS/9.1.0.46
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST,GET,HEAD,OPTIONS

POST
H2 204 / Show response
hb.emxdgt.com/ 0
156 B 13ms
13ms XHR
text/plain 54.93.158.222
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=7000&ts=1659655994703&src=pbjs
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.158.222 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-158-222.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://untoldtea.com
date: Thu, 04 Aug 2022 23:33:14 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 177ms
176ms Ping
text/plain 54.149.127.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Aug 2022 23:33:14 GMT

GET
H2 206 environment_01.ts Show response
content1.avantisvideo.com/hls/ 834 KB
836 KB 616ms
615ms XHR
video/mp2t 2600:9000:2057:9000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/environment_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0dc1aafbca8fd28e5b6b13dd47513e4a441e92f370c4171a2438e8ff3e5f9966

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=0-854271

Response headers

date: Thu, 04 Aug 2022 23:33:16 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
Content-Range: bytes 0-854271/266206684
Content-Length: 854272
last-modified: Tue, 02 Nov 2021 08:57:58 GMT
server: AmazonS3
etag: "91b44901c89824d5518fb7ec201e514b-16"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: 4Nh3pRm56NfaWsYsnWw1aX.IRuJZpO7U
access-control-allow-origin: https://untoldtea.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: video/MP2T
x-amz-cf-id: MP5dtWcla1-_xP7GPmKrnIUyNmeyELonISID2DMdxeXmo7M3lpeVKQ==

GET
BLOB 200
OK a58d9b1e-6c94-4568-9cc7-41c83caaa989
https://untoldtea.com/ 63 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://untoldtea.com/a58d9b1e-6c94-4568-9cc7-41c83caaa989
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length: 64352
Content-Type: text/javascript

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 7E72 926 B
1 KB 52ms
15ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 3407
CF-Cache-Status: HIT
CF-RAY: 735b18d23dee915e-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 04 Aug 2022 23:33:15 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Fri, 05 Aug 2022 00:33:15 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 2588 926 B
1 KB 51ms
15ms Document
text/html 104.17.120.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://untoldtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 3407
CF-Cache-Status: HIT
CF-RAY: 735b18d24cb29bdc-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Thu, 04 Aug 2022 23:33:15 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Fri, 05 Aug 2022 00:33:15 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id: 15DG7FS62Q387667

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 45ms
44ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220803&jk=264957734374039&bg=!3d6l3prNAAZGjrx1Zo47ACkAdvg8WiTr0F3MAovRI6aT2-eA8qcbTy6iWH8Wvmxino8L5fsTnNPn-QIAAABOUgAAAAdoAQeZAtU4ArkTeKL2FwO-SPgvqLCoHtRbJvKiYmH0sqroRpf1f2Ax3vM9sZfEwkcufpDmy16plwRUBvCIxnPVagszy5mu0RSDE0o4Gmem3ZQrxvHqBizaunKXtxuRa7blWksBzxoIl4UuGcxVXAQjFwKPYrK4Y0iZT6qKAFMBMpjItmFN6fhdLlB1Km_bPv46F1-eIymcQ-6hn0afo1EPy-Pcn_eWd4pRkj0tPKW9zHACVxJ0Tq-SwFNyQXEMdPSmeYUVPARaHCVsCx8CUY9mkNnDaau-LTbRoj6FzmmTfUGKx31dgQdyId_1U4-q5eva42gPOgrGZyiK87Hpj8-hL5tguvJ8mMMO_4lk5fIHuf8BsxHsO1KeXKA8EkunHEmSP34KUKCiVuHh1j3iTYk9Oa8JMsBlK9bGELNusWCjh_XCZXFK5Fk81CJntEUY8iql5cSU0n_lTH5e1rKQ3gluXfd5vHHLeihFzG0FNwlzIIXp9gJbM_qzG8uWeJ9WZgDb939B2OOVKQ3OtwbMifH3sz3PyeAetvCbMSsA6JX-g5yg_6FnojVRTRxtnOkvVAUXGPJWxZCc-Dfo_asOgJ8f-pue_oYIfjxy9_XJneTwfpEV3brMJLN9RbMC8fd6pBJpSB1c8r4m7LxPT_K6QtfPl1QHwJ1nzjua3VqhQJcMan0dzYdFvWij_QquiJvJ6VJ3RuuHRy65zz9PcHeI2O2lXBK_HgVgDmiCsVqeZiDqLN0lhyFrXyd7a8ThbnzPI2K0AlilwRzMPlCSD4trGdT-dOy6CWD-7wQn9zdetDDdO0FkR1AtmP2CKSw-HICHhsgyRIJMkuaidT7Dk8m2JDh596PuYen8EZBkzULUGWvLxAf7N9RivfBw0uGDnL2n0_OUC6QZ6-fMGMqopPKyXla6zWPeGnoay1rnhv9J6xuK2yWOsukx45B1UgjV785ezsqposAB7S3dzw0HtA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://untoldtea.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

GET
H2 206 environment_01.ts Show response
content1.avantisvideo.com/hls/ 802 KB
804 KB 1319ms
1318ms XHR
video/mp2t 2600:9000:2057:9000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/environment_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 86f8fd7a9518c2750ac969f6f346f0ede9c662f5b9b8483ce7a07a47aa0abea2

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=854272-1675455

Response headers

date: Thu, 04 Aug 2022 23:33:17 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
Content-Range: bytes 854272-1675455/266206684
Content-Length: 821184
last-modified: Tue, 02 Nov 2021 08:57:58 GMT
server: AmazonS3
etag: "91b44901c89824d5518fb7ec201e514b-16"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: 4Nh3pRm56NfaWsYsnWw1aX.IRuJZpO7U
access-control-allow-origin: https://untoldtea.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: video/MP2T
x-amz-cf-id: yADvUmndc2KZwCz2j9_v_0mNC61ltRiumRsks2F-aHUcY6aCRuK4Ag==

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 /
events1.avantisvideo.com/ 0
34 B 176ms
176ms Ping
text/plain 54.149.127.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events1.avantisvideo.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 04 Aug 2022 23:33:16 GMT

GET
H2 206 environment_01.ts Show response
content1.avantisvideo.com/hls/ 1 MB
1 MB 1176ms
1175ms XHR
video/mp2t 2600:9000:2057:9000:1e:efeb:b400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://content1.avantisvideo.com/hls/environment_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by: Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:9000:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2171fad08ad72818af5d69d43092d3dc5af06c95a98e8d456da552290bdb2afe

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range: bytes=1675456-3194307

Response headers

date: Thu, 04 Aug 2022 23:33:19 GMT
via: 1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
Content-Range: bytes 1675456-3194307/266206684
Content-Length: 1518852
last-modified: Tue, 02 Nov 2021 08:57:58 GMT
server: AmazonS3
etag: "91b44901c89824d5518fb7ec201e514b-16"
vary: Origin
access-control-allow-methods: GET
x-amz-version-id: 4Nh3pRm56NfaWsYsnWw1aX.IRuJZpO7U
access-control-allow-origin: https://untoldtea.com
access-control-allow-credentials: true
accept-ranges: bytes
content-type: video/MP2T
x-amz-cf-id: -b6kOkH-11WqbvKIqwfdxUSh3bBocW8DzbjFfYTTmLMvkzVz-72V6Q==

POST
H2 200 track Show response
track1.aniview.com/ 0
94 B 280ms
93ms XHR
text/plain 52.0.187.152
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=97615&t=1659655994&cip=81.95.5.41&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1659655994461-925059311695-006756-001-002125&cha=0.7&stagid=&stplid=&d35=&d36=6.2.40&cb=89555525523&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by: Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.187.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-187-152.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://untoldtea.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 04 Aug 2022 23:33:19 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET environment_01.ts
content1.avantisvideo.com/hls/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEC3h9MHtTSPIqkqs0b8Jc98&google_cver=1&google_push=AehlK4B3GOIurzYWhLV0uYV94VuM35EXkRMdcuull-7vJx3lwOS71u478SFCucqvna2k8j-1fwMz7cuxSX7vpwtB2YC25GMhswR_au0

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDm81LJKxfKCs_vvD58QKHw&google_cver=1&google_push=AehlK4ASH_w_LIwXWLWo87e3rOtyrPNIB0xP23KoFc4661jCbGLOS55n9_3gYAIzNQBPeNWkCCBBzN3kz6R1FFPZ34hZEKy6AL7T2Ic

Domain: content1.avantisvideo.com
URL: https://content1.avantisvideo.com/hls/environment_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

37 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
untoldtea.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 58ee79db95b50d34202c03835b480a21
.untoldtea.com/	1970-01-20 14:36:55	Name: _pnvl Value: false
.untoldtea.com/	1970-01-20 14:36:55	Name: pushly.user_puuid Value: LjTXsA7gyXQSmYXGZnSTtNNGC6rximVg
.untoldtea.com/	1970-01-20 14:36:55	Name: _pndnt Value:
.untoldtea.com/	1970-01-20 14:36:55	Name: _ga_M28037773M Value: GS1.1.1659655992.1.0.1659655992.0
.untoldtea.com/	1970-01-20 14:22:31	Name: __gads Value: ID=876ac8baea6d5491-2246a755e6cd00d4:T=1659655992:RT=1659655992:S=ALNI_MahY1MyX7ZZJHnImJk_Dz5TGgwZrA
.untoldtea.com/	1970-01-20 14:36:55	Name: _ga Value: GA1.2.1119513781.1659655993
.untoldtea.com/	1970-01-20 05:02:22	Name: _gid Value: GA1.2.1061434580.1659655993
.untoldtea.com/	1970-01-20 05:00:56	Name: _gat_gtag_UA_105305343_4 Value: 1
.untoldtea.com/	1970-01-20 14:36:55	Name: _pnlspid Value: 14214
.untoldtea.com/	1970-01-20 14:36:55	Name: _pnss Value: dismissed
.untoldtea.com/	1970-01-20 05:11:00	Name: _pnpdm Value: true
.doubleclick.net/	1970-01-20 05:00:59	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 14:22:31	Name: IDE Value: AHWqTUmiR5xP3mUGEP-YE74eMQ-Ho4QiRfV1sylqUbHwrzk5EAReRbvj_qcistVhHkU
.agkn.com/	1970-01-20 13:46:31	Name: u Value: C\|0CEAqfxO5Kn8TuQAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/	1970-01-20 13:46:31	Name: ab Value: 0001%3APcQxaC9wkmXyGstbIaclgbs0hgktjBX%2F
.casalemedia.com/	1970-01-20 13:46:31	Name: CMID Value: YuxXOUdz2XGRm2Mh88GdCwAA
.casalemedia.com/	1970-01-20 07:10:31	Name: CMPS Value: 1131
.quantserve.com/	1970-01-20 07:10:31	Name: d Value: EF0BCQHjJoEA
.quantserve.com/	1970-01-20 14:31:10	Name: mc Value: 62ec5739-da7ab-504c9-22de1
.casalemedia.com/	1970-01-20 07:10:31	Name: CMPRO Value: 1161
.casalemedia.com/	1970-01-20 05:02:22	Name: CMST Value: YuxXOWLsVzkA
.casalemedia.com/	1970-01-20 07:10:31	Name: CMTS Value: 1179
.innovid.com/	1970-01-20 07:10:31	Name: uuid Value: 9ddeacda-8c38-4b11-8bd6-ca7ddb971588-20220804 19:33:13
.e.dlx.addthis.com/	1970-01-20 14:31:10	Name: na_tc Value: Y
.addthis.com/	1970-01-20 14:31:10	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 05:44:07	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 05:44:07	Name: na_sr Value: 20220804
.dlx.addthis.com/	1970-01-20 05:00:56	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 05:44:07	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 14:31:10	Name: na_id Value: 2022080423331400018306660410
.addthis.com/	1970-01-20 14:31:10	Name: uid Value: 62ec573a7094797d
.addthis.com/	1970-01-20 14:31:10	Name: ouid Value: 62ec573a0001ceb3a8c3c44b57edf6c6371ea5fdfd89199b0fdd
untoldtea.com/	1970-01-20 05:44:07	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adnxs.com/	1970-01-20 07:10:31	Name: uuid2 Value: 764224119432732910
.aniview.com/	1970-01-20 05:02:22	Name: 2_C_55 Value: 764224119432732910
sync.aniview.com/	1970-01-20 05:02:22	Name: 2_C_55 Value: 764224119432732910

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEC3h9MHtTSPIqkqs0b8Jc98&google_cver=1&google_push=AehlK4B3GOIurzYWhLV0uYV94VuM35EXkRMdcuull-7vJx3lwOS71u478SFCucqvna2k8j-1fwMz7cuxSX7vpwtB2YC25GMhswR_au0 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDm81LJKxfKCs_vvD58QKHw&google_cver=1&google_push=AehlK4ASH_w_LIwXWLWo87e3rOtyrPNIB0xP23KoFc4661jCbGLOS55n9_3gYAIzNQBPeNWkCCBBzN3kz6R1FFPZ34hZEKy6AL7T2Ic Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4DsT8OqXfi-MCoQyuvJy24YbZziANivHGxQBysvjRRFs_WM3TrsBnriigWIMoOrsu_i9sE42xGaOfmIiH3_Ve_x5K2gDjseNQ&google_gid=CAESELGAVvEXCBbltoTVjdxNyns&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4CZ2pWm5rThvP5g8EflyIxbk_apGhnpND7sVwSGBzirU00LefLi7kVcCdSESsUtjF8gKUAAwSPJ0bbUsoEVeYAj4qb7S_v1WA&google_gid=CAESENEceJ2_ABuM2upzt8rrl7c&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
avm.avantisvideo.com
biddr.brealtime.com
c2shb.pubgw.yahoo.com
cdn.avantisvideo.com
cdn.p-n.io
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
content1.avantisvideo.com
d.agkn.com
e.dlx.addthis.com
encrypted-tbn1.gstatic.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hb.emxdgt.com
id.rlcdn.com
image6.pubmatic.com
k.p-n.io
maxcdn.bootstrapcdn.com
odr.mookie1.com
p4-eekv7guadjlwi-srxywvcsynjxdcjk-if-v6exp3-v4.metric.gstatic.com
p4-eupuotn4q7xem-fjayzmsvgmekfian-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
player.avplayer.com
r.casalemedia.com
region1.google-analytics.com
rtb.openx.net
secure.adnxs.com
ssum-sec.casalemedia.com
static.avantisvideo.com
stats.g.doubleclick.net
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
untoldtea.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
content1.avantisvideo.com
googlecm.hit.gemius.pl
104.17.120.107
104.18.18.126
142.250.181.226
142.250.181.227
142.250.184.195
142.250.186.66
18.158.184.65
18.192.108.196
185.89.211.117
198.47.127.19
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3a
2600:9000:2057:0:3:748e:7940:93a1
2600:9000:2057:9000:1c:38a0:8a40:93a1
2600:9000:2057:9000:1e:efeb:b400:93a1
2600:9000:214f:fa00:8:9ed9:9c40:93a1
2606:4700:3033::6815:3f36
2606:4700:7::a29f:872a
2606:4700::6811:190e
2606:4700::6812:acf
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2004
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2003
2a00:1450:400c:c0d::9b
2a02:26f0:3500:595::2c79
2a02:26f0:3500:c::5c7b:6822
2a05:d01c:1d8:8100:ef96:9ea8:1cfe:fd9
34.98.67.61
35.186.253.211
35.244.174.68
52.0.187.152
52.28.203.152
52.70.17.67
54.145.157.73
54.149.127.17
54.93.158.222
69.173.144.165
69.192.160.219
99.86.4.23
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
01b43417d89abafa536872c1d43bb27916170b4eb8778846b7b9d1b13c6c6c85
02485b5002931bad58070200b2d4840be5417300e68f7b56fcd8df5e89fbdb98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f3e8acba3af50c94f1aa209e060f559da7c9c019c4c546750e74732a0bb971
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
0902dec48fb1d266f487bb94062ca38bc26219c5a285ed0bd38b424d5f893e9b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cfbb7a78e112f816d7dd7da51287995b39f7b9d9b21fa9befaa25e7da2d50c7
0dc1aafbca8fd28e5b6b13dd47513e4a441e92f370c4171a2438e8ff3e5f9966
0fd0f852fccbd0829daa2589b4a4808c2d92bec037c1347e331a5fb7ad2f606e
1050861291360164827a3ca6086d3c7db90dff9cc1791a5989d2a7263dd14444
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18e32dabc0e5ea4eec2b24598742adb69d457b3440c452ed9457e71574370372
1d48cb198c6bea475b240ef7057d249022fd7ef972e2b288afe4567377d4f921
1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3
1f1fc7cfed804a07a47bb11a080c3251688c4df62455d5b296eed2ff806b08ee
2171fad08ad72818af5d69d43092d3dc5af06c95a98e8d456da552290bdb2afe
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
2f1abeccfa13c1f4fd7293731c9ad63ead54eecefa82e210be6fb301d23cc5e8
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
41047c2e405e4a81db54ad12b94fcf1af427192f1dc192a3af2d6461fb197217
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c84a9ea220f42a24f4f358b99ce4589d21c4d340e28d6cb6d2558d4f47bf4b7
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ec27c706ee75280240d7212b5194c09facc6c8e00272d0d764320aef7ac1976
51bc3ec40ff505092c6238dd0c859620b7f2bf1133480138de455706293d2d95
54f11f4e5e9697be3e0f791d20e3ae0b13896d51ae162eb6b182f92a83fff3ea
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
59447f4df0ba3b68e2ac9fbc2b29bb1836a9d686f35dbc8ae6ff21ff80a971fa
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b9392d4e02b4ad7004ce64bd640f411d9a2e5bfaf45139eed02ee5f4cd9d429
5c412419bd084f758e76a6dde939c0f2d5a92a4b46f5cb3662c223dc1321dc8f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e5ee07c0b9aebe4b9fe10f351068879e9046771eaae0fecc0d06a320e75d472
5fc5e78ef0239bc569b79ced8ea77c5eab79567b7bd32d7a3b789f6f6739267e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6552c939422a87fb5cd661a8766a245e4acb52dce36f216bd5a0670756ad60d1
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7528e02359e1b7be3fc4ab11fb535bad3ae0517811fd2dcb4b1a640b99eef509
7a0f1c6b1e996a2b0f7d70cfe22c8607569acc3ca480af1f703ec61ef7e1fd43
7d49dd59d227a3bf5a6bf0a15d5f29a29315df214d79adfe215d59acb8258957
7f69f16bf5953b63a71be318fe9bc73e5c7e4d4bb67be6d36071bca3882d905e
7f8f4a16467c23ae2fd8e0b94ffac451bd278f91551632c63a6a309f36af4b0b
81773b58f083c45949cd2403afdd57f1201882205e47c83dfd9cad43f12c84c5
8222630daeff1fc2ca2c6406081eb13440a9e76aba4fb1d3a70dfdad8664ce9c
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
84e8a9c002d0a0c48eda066830c88113a365f12514aa53362382d4e0bd626e50
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86f8fd7a9518c2750ac969f6f346f0ede9c662f5b9b8483ce7a07a47aa0abea2
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
883f1d80e8bef38387aea6c74988548fde94016179aab5c597f0f2cf94f86a57
8886097d7db5d7039926bca67738c05ecb2f56dc915bf38ab14284b62c5f7374
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d0bfd8b8c9c82b9a3e4e613b3fd5c153b783da25cf91d8fdc2ee6b4e5e1c2d5
8d66710e1b93cd4fd56f7578a750140c21a47970f80878a4687bcdec051420b2
925b9584bd4a9328e5a11c4a4f9791d9f1274eb3a61fd20bcbbe1c6a37c72860
92c4f926de2397eb436550ea57ef9c8b4fdef260363b76ca8d190ee6dbaaa332
9701cf3a934cd516387c7ec2c3e76be8281c2e77594a8686361fe6df3bb8149b
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9fb492388e501950a703894f90e7a849d1bcdb1258c10726dab2025bdff116ec
9fb54b145d89dc9591614a5be5851e004ff3a2675e3e8f64fd6e08068861147a
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0
a1bde9723707120c185a30d2e857a8a02a71fa16b6a78b9e6e84121aa4be000e
a2ab367a4a8f768121fb5441a3bfb48eddcb4c01192955a39f25cd1e415b7010
a36748707c0b45b1235bba73dc3ae3704ae9df49e2ec20744303830b1232c7d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a7ac95966b650e8965bf7c8073300b44b8fdb2577d74032e51f89ab2ab7eaeac
ab430a69ae897d182200a161304b596ecd8d325622c5d12c3757d215c83710cc
ac04eeafb37af7a83cf04b1140084bccf6b1a7f0945dcc6991e72e177a8cda40
acc59f9b5fce9cdc25d3dc8ca8011fe8bf3e07ca3d24440fa26b221c57ffd499
ad3f23350801bfb77e60e7d8a2ac6e4be42ff80de8058ec36a1a05872260efe6
adeb906aa5b03f24e5d4394a46c4338dab3d512884bd1415dbc55cca056c94bb
ae7340c16acbf8e6f5fe96977e4213b9430f1e1067a835c1d23ee1697722e9b9
b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162
b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b
b93eb618958f10756353100afbcfc36ff0340c62467da3b14e221ca7e06fe44f
bb597e59173d3b360375baf267516ba3be83c2f0465308a37954cf8cc65322f4
bcf128f880b3b04f494c4e5cef80fb77ed8fb1802caafbcb694c8e716f8a6855
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
da45ba0d70deb9fb60469491a48b8d3c35de86919a7a3a50a63f439e622321e4
dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0a6271c3243718f5eff0ce604b230a09af01fa8d32abead1d69335739d20986
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e220666c7e2ad9897caf9c87af3302d00f5383da329649148beb3ede661a9da5
e30a952eadc89f735e92201acd81796193eebddb8926d345c6ce092126c9257a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ab9890a6f19a23e54ec4cbdcd914544912ae2860f5eb4beddc625009ebe85e
e7c7f55b7c3307e111c19518cf78c1474e9e37ab5d4aa9133c9392e7bf38e00e
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eab293839fb2aa5cfda5c6861bef235adf8127e9b7491caca48dc961a61d9b03
ee18b5c36b50a51aed6da67f5f3f494ef1bbf50fdb47e668cceb947072783b30
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2fad7a0d8b919e9de69ae754cccb5644fb41e2f34664bc33999777fc4a4e3fc
f43e1900b996638dcb8c823b8d34f0c15b64b6466daa544779373475688bce47
f7172eed49d05b7e78f10a79d5e1cea25fc806cdd9f1449f4e8d67e1e83156a7
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fdde197651bdc06e75ef5109137a696696ab3bef2073402e1ea94b858709c3bb
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

untoldtea.com Open in urlscan Pro 2606:4700:7::a29f:872a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

221 Requests

93 %HTTPS

56 %IPv6

34 Domains

54 Subdomains

46 IPs

6 Countries

6186 kBTransfer

10780 kBSize

37 Cookies

1 Outgoing links

Page URL History

Redirected requests

221 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

untoldtea.com Open in urlscan Pro
2606:4700:7::a29f:872a Public Scan

Screenshot
Live screenshot

Full Image

221
Requests

93 %
HTTPS

56 %
IPv6

34
Domains

54
Subdomains

46
IPs

6
Countries

6186 kB
Transfer

10780 kB
Size

37
Cookies

221 HTTP transactions
9 data transactions