urlscan.io logo urlscan.io
SecurityTrails logo

untoldtea.com Open in urlscan Pro
2606:4700:7::a29f:872a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://untoldtea.com/
Effective URL: https://untoldtea.com/
Submission: On August 09 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 6 countries across 32 domains to perform 227 HTTP transactions. The main IP is 2606:4700:7::a29f:872a, located in United States and belongs to CLOUDFLARENET, US. The main domain is untoldtea.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2022. Valid for: a year.
This is the only time untoldtea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 32 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
18 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 18.66.112.6 16509 (AMAZON-02)
24 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:249... 16509 (AMAZON-02)
2 2600:9000:225... 16509 (AMAZON-02)
7 54.149.127.17 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
29 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:225... 16509 (AMAZON-02)
5 9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 3.66.183.129 16509 (AMAZON-02)
3 2600:1f1c:a99... 16509 (AMAZON-02)
2 3 35.190.60.146 15169 (GOOGLE)
13 216.58.212.130 15169 (GOOGLE)
3 35.186.253.211 15169 (GOOGLE)
3 104.36.113.23 62713 (AS-PUBMATIC)
3 3 69.173.144.138 26667 (RUBICONPR...)
6 6 104.18.18.126 13335 (CLOUDFLAR...)
1 1 52.214.225.206 16509 (AMAZON-02)
2 2 52.57.93.199 16509 (AMAZON-02)
5 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 52.205.189.122 14618 (AMAZON-AES)
1 3.95.110.244 14618 (AMAZON-AES)
4 2600:9000:211... 16509 (AMAZON-02)
2 2 185.89.210.212 29990 (ASN-APPNEX)
1 54.164.17.59 14618 (AMAZON-AES)
4 52.4.33.45 14618 (AMAZON-AES)
2 54.209.86.207 14618 (AMAZON-AES)
2 104.17.119.107 13335 (CLOUDFLAR...)
227 41
32    2606:4700:7::a29f:872a (United States)

ASN13335 (CLOUDFLARENET, US)
untoldtea.com
1    2606:4700:3032::ac43:a9f7 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
18    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
6    2a00:1450:400e:803::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net
cdn.p-n.io
24    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2600:9000:2490:1000:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
2    2600:9000:2250:f800:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.avantisvideo.com
7    54.149.127.17 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-149-127-17.us-west-2.compute.amazonaws.com
events1.avantisvideo.com
15    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
29    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
4    2600:9000:225e:7a00:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
9    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    3.66.183.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-183-129.eu-central-1.compute.amazonaws.com
k.p-n.io
3    2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1 (San Jose, United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
13    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
cm.g.doubleclick.net
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
3    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
6    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    52.214.225.206 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-225-206.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
2    52.57.93.199 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-93-199.eu-central-1.compute.amazonaws.com
d.agkn.com
5    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
player.aniview.com
1    2a02:26f0:3500:c::5c7b:6837 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
4    52.205.189.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-189-122.compute-1.amazonaws.com
track1.aniview.com
1    3.95.110.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-110-244.compute-1.amazonaws.com
go1.aniview.com
4    2600:9000:211a:aa00:1e:efeb:b400:93a1 (United States)

ASN16509 (AMAZON-02, US)
content1.avantisvideo.com
2    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    54.164.17.59 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-17-59.compute-1.amazonaws.com
sync.aniview.com
4    52.4.33.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-33-45.compute-1.amazonaws.com
c2shb.pubgw.yahoo.com
2    54.209.86.207 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-86-207.compute-1.amazonaws.com
hb.emxdgt.com
2    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
Apex Domain
Subdomains		 Transfer
47 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
518 KB
37 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
210 KB
32 untoldtea.com
untoldtea.com
984 KB
22 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 21328
static.avantisvideo.com — Cisco Umbrella Rank: 21877
events1.avantisvideo.com — Cisco Umbrella Rank: 20158
cdn1.avantisvideo.com — Cisco Umbrella Rank: 25331
avm.avantisvideo.com — Cisco Umbrella Rank: 22033
content1.avantisvideo.com — Cisco Umbrella Rank: 39516
3 MB
20 gstatic.com
fonts.gstatic.com
www.gstatic.com
241 KB
11 aniview.com
play.aniview.com — Cisco Umbrella Rank: 15151
player.aniview.com — Cisco Umbrella Rank: 1567
track1.aniview.com — Cisco Umbrella Rank: 1647
go1.aniview.com — Cisco Umbrella Rank: 4734
sync.aniview.com — Cisco Umbrella Rank: 2403
211 KB
11 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
6 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
6 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
259 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
5 KB
4 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 910
212 B
4 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4423
k.p-n.io — Cisco Umbrella Rank: 2855
58 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
1 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 636
248 B
3 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
620 B
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 611
761 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1083
1 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2742
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
154 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
129 KB
2 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2731
2 KB
2 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2634
313 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 462
2 KB
2 agkn.com
d.agkn.com — Cisco Umbrella Rank: 568
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
914 B
1 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 11018
71 KB
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 2926
376 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
645 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 731
14 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
30 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 951
13 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
227 32
Domain Requested by
32 untoldtea.com 1 redirects untoldtea.com
code.jquery.com
29 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
23 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
untoldtea.com
18 pagead2.googlesyndication.com untoldtea.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
15 www.gstatic.com googleads.g.doubleclick.net
13 cm.g.doubleclick.net untoldtea.com
googleads.g.doubleclick.net
9 www.google.com 5 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
7 events1.avantisvideo.com untoldtea.com
6 ssum-sec.casalemedia.com 6 redirects
6 www.googletagservices.com googleads.g.doubleclick.net
6 fonts.googleapis.com untoldtea.com
googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
4 c2shb.pubgw.yahoo.com player.aniview.com
4 content1.avantisvideo.com player.avplayer.com
4 track1.aniview.com player.aniview.com
4 player.aniview.com cdn.avantisvideo.com
player.aniview.com
4 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 cdn.avantisvideo.com www.googletagmanager.com
cdn.avantisvideo.com
3 pixel.rubiconproject.com 3 redirects
3 image6.pubmatic.com googleads.g.doubleclick.net
3 rtb.openx.net googleads.g.doubleclick.net
3 id.rlcdn.com 2 redirects googleads.g.doubleclick.net
3 cms.quantserve.com googleads.g.doubleclick.net
3 www.googletagmanager.com untoldtea.com
www.googletagmanager.com
3 cdnjs.cloudflare.com untoldtea.com
cdnjs.cloudflare.com
2 biddr.brealtime.com player.aniview.com
2 hb.emxdgt.com player.aniview.com
2 secure.adnxs.com 2 redirects
2 d.agkn.com 2 redirects
2 k.p-n.io cdn.p-n.io
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 static.avantisvideo.com cdn.avantisvideo.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 cdn.p-n.io www.googletagmanager.com
cdn.p-n.io
1 sync.aniview.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 player.avplayer.com cdn.avantisvideo.com
1 play.aniview.com cdn.avantisvideo.com
1 pixel.everesttech.net 1 redirects
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 maxcdn.bootstrapcdn.com untoldtea.com
1 code.jquery.com untoldtea.com
1 use.fontawesome.com untoldtea.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
227 48

This site contains links to these domains. Also see Links.

Domain
socialsnap.com
Subject Issuer Validity Valid
untoldtea.com
Cloudflare Inc ECC CA-3		 2022-07-05 -
2023-07-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
pushlycdn.com
Amazon		 2022-02-14 -
2023-03-15		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.avantisvideo.com
Amazon		 2021-11-24 -
2022-12-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.p-n.io
Amazon		 2022-01-10 -
2023-02-06		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2021-08-04 -
2022-09-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
outstreamedia.com
R3		 2022-07-17 -
2022-10-15		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh

This page contains 31 frames:

Primary Page: https://untoldtea.com/
Frame ID: BB3C9833C79C47E215C540D0DF3694EE
Requests: 96 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Frame ID: A7BDFCD5AC41F42EB30186A3F6F9D675
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&adk=1812271804&adf=3025194257&lmt=1660071758&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funtoldtea.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758289&bpp=7&bdt=1103&idt=159&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3853506256828&frm=20&pv=2&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
Frame ID: 2512F33FE45582A03C23016A4090AC1D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Frame ID: 4ABBE0D25D385ED38BF2A331333CD730
Requests: 14 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: F215123FE37A20939CA10B66F80E4CBC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Frame ID: 8A4F58AC786D9A8E6A94666E84EC0182
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Frame ID: 233E02231B62C8D86A47C5C77C100F3B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Frame ID: 885C283E44DB411433A9DCE576C700F2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Frame ID: E57D49E002DBF73B468140C82F3A7D3A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3A74E7CB76907770405AC015081B3088
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B5859407503BB4D0EADA6B33E0569006
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 46849A5B99BF80FEC5D891723A69B6AE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/load_preloaded_resource_fy2021.js
Frame ID: DC25D2672C095D4D08718DE4768C4B00
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Frame ID: 3E2B18CCEE8568ECBA1AB045E0EABE2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Frame ID: 07604E7ACB50C9DBD4B9A94DA7BA06D0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Frame ID: F9236C63E38331B6E0EC27EEE6C2D68D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DC7B00B0D0B94A053DBDD3CA7C0E894F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4ED239D7AFBCE0F8852CB98B31464B0F
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 132171A784DF1FCD17593D92BA4280EB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B894D170BC1299C753B0C7127F9ED5F9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 475948BF5A6262D7440A135CA6A26707
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8BAA64D237DA294C1A1D76117FE575A3
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Frame ID: 46B88C384D3CE602DCCC0D38F0B82E39
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Frame ID: 486F40C34157DB9233D4533B6B73B669
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Frame ID: 6CA4F92B36054A4BD66935E620DB55CE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2942214CA34A72CADB3B756D6CFF6DD3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BE0BCB17814AFB7FF528A14B31FE0C81
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Frame ID: 1B168701BD424C6AFCFB69029873FA33
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660071761239-952592075006-006760-004-004094&biddername=55&key=6520085987891123327
Frame ID: FDB17245DC32240F6247E3C483FCDF4B
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 78CB668F1DF7393647C7816804A29303
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 44D231C9CA1A3F841AB952213C3A65D3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Untoldtea

Page URL History Show full URLs

  1. http://untoldtea.com/ HTTP 301
    https://untoldtea.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

227
Requests

94 %
HTTPS

58 %
IPv6

32
Domains

48
Subdomains

41
IPs

6
Countries

6200 kB
Transfer

10894 kB
Size

28
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://untoldtea.com/ HTTP 301
    https://untoldtea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 100
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 150
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AFQ7G6JOL1t2rGtnhLEBcCvwoX9hTVgK4FrLW5mK0_oBSZp9bwqaIpFR6GUqO21iM9noqKzi2a_Ti9e2hYmR5BOHDndwqQ&google_gid=CAESEIiFukcoxP9AIp-sXc9-nNw&google_cver=1 HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNDeypcGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BZWhsSzRBRlE3RzZKT0wxdDJyR3RuaExFQmNDdndvWDloVFZnSzRGckxXNW1LMF9vQlNacDlid3FhSXBGUjZHVXFPMjFpTTlub3FLemkyYV9UaTllMmhZbVI1Qk9IRG5kd3FR HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwR2lwNXpwQTZMUktaRGs3RmZNUlp1TVZmMEt3Tlh3RzhSc25MQ256MXpvTQ==&google_push
Request Chain 153
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAtbWlMQuJJUjHBeuPnYhCc&google_cver=1&google_push=AehlK4BYyjOFXh_cyPsI-70z0T9PlUxhvupRx1-pdB900HiYEyzvz5OAlUwuX4Ece_b8KjMn4dY8yB4Hj-5fM6wvBHwduuXocf9R HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWUUtVC0yVTBN&google_push=AehlK4BYyjOFXh_cyPsI-70z0T9PlUxhvupRx1-pdB900HiYEyzvz5OAlUwuX4Ece_b8KjMn4dY8yB4Hj-5fM6wvBHwduuXocf9R
Request Chain 154
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJOMCW5-ZC7nja53-ngVKPo&google_cver=1&google_push=AehlK4BAouknGzBq5U2jxXnPbeJmyWOxAA29wtmWyIXIu1VcFvhKwbqTM-L7Dvryy55_OljUY3OXEv5c-BTlmEzsqFBR9ZySF4M HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJOMCW5-ZC7nja53-ngVKPo&google_push=AehlK4BAouknGzBq5U2jxXnPbeJmyWOxAA29wtmWyIXIu1VcFvhKwbqTM-L7Dvryy55_OljUY3OXEv5c-BTlmEzsqFBR9ZySF4M&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJOMCW5-ZC7nja53-ngVKPo&google_hm=YvKvUEbarfTEipg6GmMhrAAAFB8AAAAB&google_nid=index&google_push=AehlK4BAouknGzBq5U2jxXnPbeJmyWOxAA29wtmWyIXIu1VcFvhKwbqTM-L7Dvryy55_OljUY3OXEv5c-BTlmEzsqFBR9ZySF4M
Request Chain 159
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4BCp8oQ2W485AwS2935T5P_thSR2LowQqb_KmlkkOjYa4j46HLz1xkRBM4Lj48uJFI9VkUuNmaNL7n8Fk7RcVgUYfro24pY&google_gid=CAESEJ3lqve3ZEV-H45HorVs6E8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZLdlVBQUFCZE5WdFdobg&google_push=AehlK4BCp8oQ2W485AwS2935T5P_thSR2LowQqb_KmlkkOjYa4j46HLz1xkRBM4Lj48uJFI9VkUuNmaNL7n8Fk7RcVgUYfro24pY
Request Chain 160
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEI_2UwvFuAYRRZxYoVa8WhM&google_cver=1&google_push=AehlK4AW7bdtA9CM393jsCp4Lp2_Yc9KL6OcWJn-c-ZXuL2zOBw8yt0d4LF1heR3sLyIdP6cxNTZLRZhh-_KH02y0CGqdgph5EW7 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AW7bdtA9CM393jsCp4Lp2_Yc9KL6OcWJn-c-ZXuL2zOBw8yt0d4LF1heR3sLyIdP6cxNTZLRZhh-_KH02y0CGqdgph5EW7&google_hm=Q0FFU0VJXzJVd3ZGdUFZUlJaeFlvVmE4V2hN
Request Chain 163
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOnuoelSyKzYsuil8OClrkI&google_cver=1&google_push=AehlK4ARBLuSaryUniqs4-n77wzkpn0YketSlqljuaLcpJu3cx7UbW1Yp_qn_M2PDEIwtUaHCS8jN5GeGVaFe9qy7D_ypr-D-wsT HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWUgtMUgtSlNIWg==&google_push=AehlK4ARBLuSaryUniqs4-n77wzkpn0YketSlqljuaLcpJu3cx7UbW1Yp_qn_M2PDEIwtUaHCS8jN5GeGVaFe9qy7D_ypr-D-wsT
Request Chain 164
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKuAKAos3o4XwMWHGqt54pI&google_cver=1&google_push=AehlK4Dj1oidLrQzmNuvfh1FgKnP6wa77ZjDhNiReuGeXENORT7XFBJj8iqyhnXsExn9uGeh_u1EBbDCCV8dCT3LAPN_TWsbEjcN HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKuAKAos3o4XwMWHGqt54pI&google_push=AehlK4Dj1oidLrQzmNuvfh1FgKnP6wa77ZjDhNiReuGeXENORT7XFBJj8iqyhnXsExn9uGeh_u1EBbDCCV8dCT3LAPN_TWsbEjcN&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKuAKAos3o4XwMWHGqt54pI&google_hm=YvKvUEbarfTEipg6GmMhrAAAFB8AAAAB&google_nid=index&google_push=AehlK4Dj1oidLrQzmNuvfh1FgKnP6wa77ZjDhNiReuGeXENORT7XFBJj8iqyhnXsExn9uGeh_u1EBbDCCV8dCT3LAPN_TWsbEjcN
Request Chain 166
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 168
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 177
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJhX6Op9JVJ-eh-FMRejdlc&google_cver=1&google_push=AehlK4Ar0DbRdqHLqF0zu8AWKWHFr3o4389h_ALU0x3A1ZTPDdllcAgKzStWbpjCY-6m7cC3a-fFX41Pdek5KkdNGXa_ZPLKF-80 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4Ar0DbRdqHLqF0zu8AWKWHFr3o4389h_ALU0x3A1ZTPDdllcAgKzStWbpjCY-6m7cC3a-fFX41Pdek5KkdNGXa_ZPLKF-80&google_hm=Q0FFU0VKaFg2T3A5SlZKLWVoLUZNUmVqZGxj
Request Chain 181
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDg0YoS7xyj87KRVGV5saU8&google_cver=1&google_push=AehlK4Bj0kiUBWG7yv9TzHFCsejRO9gg-lyKAImJVvktEjZlOcCe3vkswEpI3Wusn8-HD8b74c0ThZV84TOqHQuzrDoU8iouJbkS HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWjgtMU8tOEpPUQ==&google_push=AehlK4Bj0kiUBWG7yv9TzHFCsejRO9gg-lyKAImJVvktEjZlOcCe3vkswEpI3Wusn8-HD8b74c0ThZV84TOqHQuzrDoU8iouJbkS
Request Chain 182
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFoVxC0gb9bv6Hen2twk36E&google_cver=1&google_push=AehlK4B8VCIFACVeN4-GFQt1FHVj9-6DdvsqJLGVQhRGkjq6Kugu3ccGnk-JgXrWJIMwTWevSPz0vcBO9uCzGcqpUrwptORXeev9 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFoVxC0gb9bv6Hen2twk36E&google_push=AehlK4B8VCIFACVeN4-GFQt1FHVj9-6DdvsqJLGVQhRGkjq6Kugu3ccGnk-JgXrWJIMwTWevSPz0vcBO9uCzGcqpUrwptORXeev9&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFoVxC0gb9bv6Hen2twk36E&google_hm=YvKvUG93zVklkcFA2h0aRAAABJgAAAAB&google_nid=index&google_push=AehlK4B8VCIFACVeN4-GFQt1FHVj9-6DdvsqJLGVQhRGkjq6Kugu3ccGnk-JgXrWJIMwTWevSPz0vcBO9uCzGcqpUrwptORXeev9
Request Chain 184
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 211
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660071761239-952592075006-006760-004-004094%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1660071761239-952592075006-006760-004-004094%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660071761239-952592075006-006760-004-004094&biddername=55&key=6520085987891123327

227 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
untoldtea.com/
Redirect Chain
  • http://untoldtea.com/
  • https://untoldtea.com/
84 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d808f473df9242e29b4360126b8581260c4129b67804afb69fe65cd1c06e326
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7382bf3f5b81913a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:37 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
ki-cache-type
None
ki-cf-cache-status
BYPASS
ki-edge
v=17.7
link
<https://untoldtea.com/wp-json/>; rel="https://api.w.org/", <https://untoldtea.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://untoldtea.com/>; rel=shortlink
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cz9H4QcM4LpH9ycaZCCqKSQMemI%2Far5DrerfiBtfFb3bnuwrWDgl4j2iXbG9nIE56Ezx3h9U5j9VnDc00UAvEWkNRPpD27%2BzQS0FMe6TJCCxfWCCVjkAdgUA9rpVde1bHp9qsI0CXBtCoQA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
HIT

Redirect headers

CF-Cache-Status
DYNAMIC
CF-Ray
7382bf3d0bf790ee-FRA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 09 Aug 2022 19:02:36 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Ki-CF-Cache-Status
BYPASS
Location
https://untoldtea.com/
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tSS38k0TUOHmcIBRKrDKnCaULVkSLOMWHOD0BegGgu8uyOjUMaPSN6KbGOLcJ5p6RSFp5HpN2TlQzjYfOB5xgfK2%2BArbuWmFQoDcR3gpkvqYrRRd8wXGFz8tL7BPOIj%2FCk5sTlMqtAEfBT0%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Edge-Location-Klb
1
X-Kinsta-Cache
HIT
X-Redirect-By
WordPress
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cache-type
None
ki-edge
v=17.7
main.bundle.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 		143 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/main.bundle.min.css?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fad7a0d8b919e9de69ae754cccb5644fb41e2f34664bc33999777fc4a4e3fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,05f633772b5dd5612ecc438bbaba88c51ced66e2d0af920e82671d67527bde25
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,05f633772b5dd5612ecc438bbaba88c51ced66e2d0af920e82671d67527bde25
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Mon, 15 Nov 2021 14:14:48 GMT
server
cloudflare
etag
W/"61926b58-23d8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7w%2BphM%2BXTLTa3Z6z5pmmiByNaEVKtK7Du6dwm9L7Y6dd7bwL2Pd%2BHr%2BABoJwmGbGSYUXksIYa3%2BqNSRF7czqGHzwVy7jiyRdPJ7%2FZZY%2FXhdfBRNQ%2FTdjb37f61KTHgtT0T8DRtCFN%2BOQpF8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf427867913a-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
main.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/minified/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/minified/main.min.css?ver=3.4.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1050861291360164827a3ca6086d3c7db90dff9cc1791a5989d2a7263dd14444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1ead8f179b35d41d49a7ab4218039f8e1b29f4d1272ffc0ee2725e529bc2a9db
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1ead8f179b35d41d49a7ab4218039f8e1b29f4d1272ffc0ee2725e529bc2a9db
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Wed, 12 May 2021 10:34:35 GMT
server
cloudflare
etag
W/"609baf3b-e390"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=04R6Idzc8U5zfpzBuI5XQFcbe0EH0pMdwBLY09qV0pbu1je7tIy3Bq9w6s6f8fCkYd466rFsEs1mRoZeCVUsGZqDGyXaz%2BpQM2%2ByLfP7KDPxjN8NyRKfXdsTRk9fhQGOge5Ue2Pc3FBTE8I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf427869913a-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
wp-emoji-release.min.js
untoldtea.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f28df1f795cd5542544741ff7fa03d01e20c4be2f7b6024a1ada0f1bc5767977
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f28df1f795cd5542544741ff7fa03d01e20c4be2f7b6024a1ada0f1bc5767977
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 28 Jun 2022 21:45:10 GMT
server
cloudflare
etag
W/"62bb7666-48b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j8Ka2MY%2Fa3xBgWwgC9hvYyn3vhW9ncwx6yHzvFFDFLejk6T2I714NnMbiS0Op%2BO54qLbNrmx53IJAfKDUbhH1ed61H%2F7geDYKy18IPLfbtr4g73LjT%2FIu8RI1At19T%2F3ktQXIdYakE%2BMbZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf48482f9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:38 GMT
style.min.css
untoldtea.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f61582a2b1b639c470a0f44fc7542837a98a6e15ce733caec532f156972875b1
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f61582a2b1b639c470a0f44fc7542837a98a6e15ce733caec532f156972875b1
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 12 Jul 2022 17:55:44 GMT
server
cloudflare
etag
W/"62cdb5a0-15b64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6xv6vXicU4YMZ6EMUCZ9GsfdJW9UpxQTOev%2BGVBl%2BSCi5Z0Rs4ytXXou6AT9zfRaXnok2kASqv3y6bbyt2oSrOaHcY3OEf5E5QUbPQS3KNYHkEW%2B5%2F9aQUz3w9%2Fy8MnLI%2FA%2FSmGlLlGHNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f159c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
adsforwp-front.min.css
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/css/adsforwp-front.min.css?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,858cebec5dd8f760124cb5db85851b7b32b621f215f4eebb5339d250f642a489
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,858cebec5dd8f760124cb5db85851b7b32b621f215f4eebb5339d250f642a489
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8P6yabc8Ca3ExlFWA2KT8iDb3DxudlEj2wDxtoVWb9tSyxWvOdFPu6hNOY3wYgji%2FqkVf3GdxBHpReWealAOGhpqXin5U9YLQro2yDRprzuu9rkCwiKEfTCz3%2FyeKH%2B6N1dQ3nGbsYxC78U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f189c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
categoryimage-public.css
untoldtea.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/categoryimage-public.css?ver=1.4.6
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925b9584bd4a9328e5a11c4a4f9791d9f1274eb3a61fd20bcbbe1c6a37c72860
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,3d4e1cf646173b5aeff52b1c74ecada83bcc74cd647f02d954656baf43b7f63c
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,3d4e1cf646173b5aeff52b1c74ecada83bcc74cd647f02d954656baf43b7f63c
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Mon, 25 Apr 2022 07:51:38 GMT
server
cloudflare
etag
W/"6266530a-1a27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RbuTxq4s3tH1F%2BMLi%2B5Sbe238pByD7hkrq0Zs5yaz7ODwRwWX3yyPaGnBJm%2F2Ml2kWS2l2IJRRzwkpJMS6vjVVPsdJg4zUWYnUQn7yS9mq8u2GU4IWTSx%2F32osR0Hsg9uW22mdAb3C2nS7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f1a9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
socialsnap.css
untoldtea.com/wp-content/plugins/socialsnap/assets/css/ 		67 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/socialsnap/assets/css/socialsnap.css?ver=1.1.17
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,64ae08eed5f0c9220c566d00957d272c99d2f84667299c4031f47da0023ef915
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,64ae08eed5f0c9220c566d00957d272c99d2f84667299c4031f47da0023ef915
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Mon, 25 Apr 2022 07:51:45 GMT
server
cloudflare
etag
W/"62665311-10bfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EFU1wc2l32MUt7UXKHeaScLzJH1SQSkoqnd1HOKJLp6sl59P%2Bi1iiotK9eH3hOI%2BSBDCp0Cv3p11zUwqT%2B%2BLObXcUR5bIglEJ2eXH1ncCi%2BUPH2it2LjoIY04U9lrrGftLOqhUMMm4Q8Le0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f1e9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
ivory-search.min.css
untoldtea.com/wp-content/plugins/add-search-to-menu/public/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=5.4.7
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1c7b4d545f5a3177640e82aa95a95622b793910e47b783fda1f201d8ba76e37e
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1c7b4d545f5a3177640e82aa95a95622b793910e47b783fda1f201d8ba76e37e
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 28 Jun 2022 21:01:11 GMT
server
cloudflare
etag
W/"62bb6c17-1a9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c0%2F2WesIAJFxF44XoA%2BBeJVsglliJgBPYZeUedbbuSkZaEEllKGIiK6Cq0QU7wmtdcE5IQi3DgoEZkQolhHS0lsVT%2FTiRQuxXz6w%2F2uTYc0z5kFXIk9E5vzTB87jxdb4SLnoJyvEZNub2ac%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f209c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
jquery.min.js
untoldtea.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,e2e1f402504984a65844a4d022b901e5279d478e0a7f4a1615f1194b8466cfda
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,e2e1f402504984a65844a4d022b901e5279d478e0a7f4a1615f1194b8466cfda
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 20 Jul 2021 19:52:55 GMT
server
cloudflare
etag
W/"60f72997-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B%2BN6MgE%2Bidg2ygX%2FkWzihly2qWe99olyaZrIq7KTaq6s6LhLcXEyJbPcbVXGglEFMT4Qt4qKyy09XNDAlO4ySCxOso66TEdOdT3%2B90cXLWc%2Fbx7lDQMypxOkoczLzGlG91sCrjkA7QYXpLw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f219c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
jquery-migrate.min.js
untoldtea.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,31678bfcef2c6b570815652d5caed0bda5656d4e4a8119349cd75122ae6477a2
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,31678bfcef2c6b570815652d5caed0bda5656d4e4a8119349cd75122ae6477a2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Fri, 07 May 2021 09:11:45 GMT
server
cloudflare
etag
W/"60950451-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtrLAgui3w54KQekxlmpr0tDXf7e7MIQqjYDNrDIEmAwlhcsXWGmYcqitIt5yD3AQQMHL0Rf299FV%2FFqU8UIaZr1%2Bax84QGfEkfK9z6eephc1yVpc%2Bsc%2BuVLhM0RpkaKsathnjwP6kH2Qf8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f229c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
custom.js
untoldtea.com/wp-content/themes/astra-child/assets/js/ 		997 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/custom.js?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1bde9723707120c185a30d2e857a8a02a71fa16b6a78b9e6e84121aa4be000e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1a322c28409d7bfb5d7e38586325ab61f985389a21067672f9ae6ed96f301d9c
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1a322c28409d7bfb5d7e38586325ab61f985389a21067672f9ae6ed96f301d9c
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Wed, 15 Sep 2021 10:32:05 GMT
server
cloudflare
etag
W/"6141cba5-3e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEwnrPNkowRy7mV5%2Fp2kvsVxusR81RYeenjrDT6cFfxomwkSmBfEeiMHP%2BytR0VCjiV63MoTJzrDgN%2Fk2JyYz9COvE%2Bh2lIeIh4lRpspUJIIogIb2UJOxC1%2FcME84xcQAAXZLHPCPmYdn30%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f239c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
bootstrap.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/bootstrap.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,9e44f164abcbc7045b7cfd0aa6cc0d0c7f9c86cfc10092cf5a2617c6d0e80743
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,9e44f164abcbc7045b7cfd0aa6cc0d0c7f9c86cfc10092cf5a2617c6d0e80743
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Wed, 12 May 2021 11:27:26 GMT
server
cloudflare
etag
W/"609bbb9e-235ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=noNaox0Bs6h%2B75%2F%2FGS0HMXiH71a6wjB7hSyLa3PHQgHMi1osjNN3ui%2FU7QxkwiXvecbFYZUhNyTeGT%2BncObLV5KuW8zeMFUPbfejiEbgxHJKnTFV%2FOX8NQxdWZ1FHqWjOvXt2vWBwhghytE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f259c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
owl.carousel.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/owl.carousel.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ec999bfb734be1a3d178a80faeada18acab3e877a49068cb0f6756271bfe462c
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ec999bfb734be1a3d178a80faeada18acab3e877a49068cb0f6756271bfe462c
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 18 May 2021 14:03:06 GMT
server
cloudflare
etag
W/"60a3c91a-b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hSygUU6bUACDb3jVmsB%2FHDN%2BBXS%2BNZSPJQYzzXPJM1rTqUfG%2BbTVNYtdopjCsXMmwDHo0HDR9bO9SZbNKB99on2xmBSAoq6rqTivuvkqVybeVGzP1iR2fXL9%2FWot%2FM41Fy2k5X%2BTCGGyzn4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f269c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3032::ac43:a9f7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
VGG6QNVBA6FQVMGD
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
aj2qQq+Uzqdbet9nex+uJW+n/GHKhvauUKXNT0YGWxAX6UwLkCC1t/Ik1UjQ9ry3TsJtZOA5lTY=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zQWyOoy%2BxyAC3tFbz%2BSlyddUKxh3xl5qB6168ha6z2FiCx%2Bq9hCNPLS%2B%2BKdQzp1iCYxMVen2RRhYI1rJVnClDI9BLA8znL8pHe3hse1Ph701HwldTM19rBeQ7lEDlnTKp2WJJW19hzyqVbWf3uOq5AmI"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7382bf438d2f927d-FRA
custom.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59447f4df0ba3b68e2ac9fbc2b29bb1836a9d686f35dbc8ae6ff21ff80a971fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:37 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,621debf2442dfaa9a69145e9abbdb287eb3bacaa921229b0011bf1518f30f8b3
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,621debf2442dfaa9a69145e9abbdb287eb3bacaa921229b0011bf1518f30f8b3
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Fri, 17 Dec 2021 11:18:55 GMT
server
cloudflare
etag
W/"61bc721f-8a45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rl6PqP8lyjX3ZsOeg%2BLTLpR38h702%2BP3qYWwtCa1ByHa%2Bp9pt9jg1l3rZvKXZKlmst5XCipHShkjESqABSF0SsCag0JcLyZdJa835UBHoY9LlWL%2B%2BiQ2vPPT%2BE8nVa9MldbQIpzWwj2L7EM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf432f279c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:37 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		170 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0690513378222f5c1ebf04ecf138a70dde6a79cdf576990421de58631a9e5e29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57459
x-xss-protection
0
server
cafe
etag
7889172599962639193
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 09 Aug 2022 19:02:38 GMT
untoldtea-logo.png
untoldtea.com/wp-content/uploads/2021/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2021/08/untoldtea-logo.png
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41047c2e405e4a81db54ad12b94fcf1af427192f1dc192a3af2d6461fb197217
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,6d4d005f1a402c97f6e496a59743a471af98785c872ad7b7d7650001a79970f3
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,6d4d005f1a402c97f6e496a59743a471af98785c872ad7b7d7650001a79970f3
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11421
ki-cf-cache-status
SAVING
last-modified
Tue, 10 Aug 2021 07:06:55 GMT
server
cloudflare
etag
"6112258f-2c9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKPxZyvmC4ZlnwWfJYxcIpUKFgpXFfTa7pCtJXU%2FsnyvXLhJAN1ezzIqaPVaQNlQhydOXcWuM0PfZtaX%2Bafqq%2Fi8YuZyIElEG8XjM7OqVpZSBTCJpdJMne1wlCY3EryumW53eqJ5J2rKius%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf4848309c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.js
untoldtea.com/wp-content/themes/astra-child/assets/js/minified/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/minified/frontend.min.js?ver=3.4.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ab367a4a8f768121fb5441a3bfb48eddcb4c01192955a39f25cd1e415b7010
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,26e7cae73712c46b3f0664c6048328284329f1eb2ba2fb9739dcca23d422e2d9
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,26e7cae73712c46b3f0664c6048328284329f1eb2ba2fb9739dcca23d422e2d9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Wed, 12 May 2021 10:34:35 GMT
server
cloudflare
etag
W/"609baf3b-41bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bmbaDerqDTtB%2Bo9WZ7Tf%2Bqo6OMgRwMEKVCio%2BjsKiT1qDtH5439T6VpYknxCxfPjfGo37PSlP9EL4Fz0I%2BYttyCEny3nz8wEkXVm3aMrswzwc8n7NksN%2B0DWkhdgsAho1iZTCt7FdwyYq0Q%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf478ed99c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:38 GMT
ads-front.min.js
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-front.min.js?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,922de2af9c8029c9d96c473245f39ddcc89aea711ee6bc0b0065e0a6496eeeaa
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,922de2af9c8029c9d96c473245f39ddcc89aea711ee6bc0b0065e0a6496eeeaa
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-1dd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BkN%2BtApbD7ES36gQDlZ1ox3fkZ0m8rk6txdlNNJEwSv%2F6ehsFepg7q0F%2FoaP0lWzH4ND8eHtyp4%2FmsdQ9uc9F8muY%2FimMi6CTd4aBNNOez%2Fl%2B79lynCDPofz7kqG65zq4kbOfwjmogCFkZo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf479ee39c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:38 GMT
ads-frontend.min.js
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-frontend.min.js?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,bfe694c76e7f83112fb856b4b8f26da2532f9fa67b3f6a9fc1863e27b12f22bb
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,bfe694c76e7f83112fb856b4b8f26da2532f9fa67b3f6a9fc1863e27b12f22bb
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkKXTUy7dZGn6DQdRC1H9YaQZr6qNKcOc8btPwTLLmdTIjE55NzmxftA9oB%2BW3AM7Bq9RJpqh1iOf846%2BM1isvRP6kWn6eNcOhmDlyLHs6D6PizLfcaOJQ19fz%2BB5NLghqBL4OYf21o%2FP3c%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf48481e9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:38 GMT
socialsnap.js
untoldtea.com/wp-content/plugins/socialsnap/assets/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/socialsnap/assets/js/socialsnap.js?ver=1.1.17
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c4f926de2397eb436550ea57ef9c8b4fdef260363b76ca8d190ee6dbaaa332
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,15c0ce2fb3715118240f9f39824db71e1bb7f579293d669e69f5fd9a653eaa5e
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,15c0ce2fb3715118240f9f39824db71e1bb7f579293d669e69f5fd9a653eaa5e
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Mon, 25 Apr 2022 07:51:45 GMT
server
cloudflare
etag
W/"62665311-3239"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cWg%2BuMiI%2FCZNB37s0LFagMyySRHBhpx8np5kSN7ds95xa2FUWaV7yDhtkPIc7sloELm1YD8neUcRRu8CrSvoq1es3v9wttQ64ECa7y4Ezt3q%2Bo0w9XO4gWQduL7UwSExe6QwYd2xTWVoF3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf4848299c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:38 GMT
core.js
cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/ 		232 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js?ver=1.0.0
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2928059
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42723
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-3a1e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O81%2FDPcg2Zjzndy04EvwtYy%2B0VMycK2ljRpdys%2FlRbAaQFytvhQqHIxEDnSGhofZnVWf36zqAABDaLQhdJZXKf%2FjAxybkbmnWPsSRA8LomtKqepHV3bFbo4LUpU11FpRQtOUq%2FDDtJ7YSX6hMO3VhgUD"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7382bf488b27bb5b-FRA
expires
Sun, 30 Jul 2023 19:02:38 GMT
ivory-search.min.js
untoldtea.com/wp-content/plugins/add-search-to-menu/public/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.4.7
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1e21cc8327db2e06733fe3f314b06dfdd5354f41e9e1ea7f1b6e392367053d66
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1e21cc8327db2e06733fe3f314b06dfdd5354f41e9e1ea7f1b6e392367053d66
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 28 Jun 2022 21:01:11 GMT
server
cloudflare
etag
W/"62bb6c17-11ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYCegtHyYUssyc7et4gzSsJcGLzJOzxkgjnDTqjKd7w3peSXtc2egDp2VFoL9PMCJ%2BUacCX0gatysCThv%2BVQ18gYlyupnUhPEtcIEb7axEWlZB%2Fn881oB54827NW6QdkSBzBRnnmzsbnah0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf48482c9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:38 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1660071758.dop204.fr8.t,1660071758.cds143.fr8.hn,1660071758.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
owl.carousel.min.js
untoldtea.com/wp-content/themes/astra-child/assets/js/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/owl.carousel.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,8e385b6a64b4536a8cf3e7b2752fb12c72431b4faa2a98163a798ebe4e0382ee
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,8e385b6a64b4536a8cf3e7b2752fb12c72431b4faa2a98163a798ebe4e0382ee
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 18 May 2021 14:03:35 GMT
server
cloudflare
etag
W/"60a3c937-a70e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMA%2BUpuDSokIb6giVh2so7ooXDKfzebHNlwp68tt0Xo6LV%2FRwmtOU6ts3zIq5e0kP8SzZ4WiqZlDiSSeYTV3qduFoN0YcaBETsZvVshG%2B3EAO9L2TVez6PXMO%2BfKD%2FuatQCFK5goPVEiGBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
7382bf48482d9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Fri, 06 Aug 2032 19:02:38 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
860
access-control-allow-origin
*
cdn-cachedat
03/10/2022 17:24:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
927bd8f8bc00b92c63b0d3057b4ae8ba
cf-ray
7382bf48ad1ebbfb-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:20:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 19:02:38 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 19:02:38 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4658459
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10301
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-e4d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tEmncRWdo2OoP1P938WQymWoZ2MFPf7b29QQrtwBevT%2FXndMMYXvXlSGMOxGtshhtpYp7YjoyjOE7rvd5RAGAzqUQhwU0E%2BmfXty%2FSs3hPNO1KL9IMHqW%2B%2FiadNV2xAU5Mos9bW8AyEmxcuHx74kb2qB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7382bf47fd165bdd-FRA
expires
Sun, 30 Jul 2023 19:02:38 GMT
gtm.js
www.googletagmanager.com/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a90aca35a8ccddb6b126087e361d3b0f51ea363ba6ee1e99eda4cb3637f0b110
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43116
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:34:21 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Aug 2022 19:02:38 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 21:13:14 GMT
x-content-type-options
nosniff
age
78564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 21:13:14 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
947482
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76612
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12b44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KfVz7uJqqC43igqppvGmszGudVZFO5hXtSLDqsISHHuIOCsLqwaW71Irw4trtq%2BSIaIrtpayGHimtvclTSM37kcmSYoSwJGgiU4czlwM3usnnJV8Xwr1Ur3x7uuUAGbvMOkRr%2FhA7aFURtY1RwY0M1ug"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7382bf48ba049000-FRA
expires
Sun, 30 Jul 2023 19:02:38 GMT
Breaking-Bad-Where-Are-They-Now-1024x682.jpg
untoldtea.com/wp-content/uploads/2022/05/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Breaking-Bad-Where-Are-They-Now-1024x682.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02485b5002931bad58070200b2d4840be5417300e68f7b56fcd8df5e89fbdb98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f53dfeb1075d1974c440f135691dc6e65bf12d00fc6223365bbb70b125a004b1
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f53dfeb1075d1974c440f135691dc6e65bf12d00fc6223365bbb70b125a004b1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78052
ki-cf-cache-status
SAVING
last-modified
Thu, 19 May 2022 20:44:56 GMT
server
cloudflare
etag
"6286ac48-130e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n2aODi8tYHpCan5WidzasI4b3bz2SRRPCaj5%2F%2FU9KTnlh1JMTHPjwixLQCm5VfdDXqDnfZThm7udRSVjI6CnAAhFCZ%2FN3Ka9ec%2BDt58T%2F9hD8o39eB7%2BeFhb1pLkWRTE1LnpNdMxY2eFcNg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf48b8d89c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Celebrity-MothersDays-2.jpg
untoldtea.com/wp-content/uploads/2022/05/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Celebrity-MothersDays-2.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7528e02359e1b7be3fc4ab11fb535bad3ae0517811fd2dcb4b1a640b99eef509
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,10c78d878de062f31b055c07ac57c0a8d2d2a9004c5cbe6d60b738c210941c6d
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,10c78d878de062f31b055c07ac57c0a8d2d2a9004c5cbe6d60b738c210941c6d
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49783
ki-cf-cache-status
SAVING
last-modified
Thu, 12 May 2022 16:07:09 GMT
server
cloudflare
etag
"627d30ad-c277"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Mu5R6SFe%2BYVqYHveP%2BelaA5vLpl%2BiBJZ81mw90VR8Qq%2BvXjufJQGSrOUA6N3bqIWkSPoRw9iZJLtsuMXLUGhh1FDzXW3Dkyftd9Ry4yNERPJwe%2FynXPnBymh9TKNjUtDTaVh%2FohMs6gMs0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf48b8db9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Jean-Claude-Martial-Arts.jpg
untoldtea.com/wp-content/uploads/2022/05/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Jean-Claude-Martial-Arts.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ac95966b650e8965bf7c8073300b44b8fdb2577d74032e51f89ab2ab7eaeac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ba5fd9b2bb5d156680e6adcebfda8f007191f4796b11772e8e6657905bfa9b2b
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ba5fd9b2bb5d156680e6adcebfda8f007191f4796b11772e8e6657905bfa9b2b
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
113047
ki-cf-cache-status
SAVING
last-modified
Wed, 04 May 2022 22:47:58 GMT
server
cloudflare
etag
"6273029e-1b997"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0kBsGDMHFiYHi2EU3DkcfRgMRVXTbeZ%2BzEUCXOnhB40DPoq8dZPlijlK2JQRefq7jE4pBEE%2FnGRe%2BJlF10Eo3gEclf6H8d7alWdoiuoFNy1%2F1%2FXvpRTdRkbXrYtUuatoaRyhbjFVqcQpgXA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf48b8dc9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Squid-Games-S2-2-1024x576.jpg
untoldtea.com/wp-content/uploads/2022/04/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/04/Squid-Games-S2-2-1024x576.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8886097d7db5d7039926bca67738c05ecb2f56dc915bf38ab14284b62c5f7374
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,7c0bcce25a0d0fbab5f9d6c693327424f5ba4afc237e067b1879208cff9ee550
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,7c0bcce25a0d0fbab5f9d6c693327424f5ba4afc237e067b1879208cff9ee550
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136153
ki-cf-cache-status
SAVING
last-modified
Fri, 08 Apr 2022 15:23:11 GMT
server
cloudflare
etag
"6250535f-213d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iUW3fhkJLN5LeKMgCFdh8vOw6SXoGYbIxHBI8iofHrA%2FnUbdrS1K8%2Fvz7VCYbR4YCU9bcapRwmPWZzUQgpVCz7Ti4Cl75qsu1SRtUsIVb5BbsfIBFhxwhAAymPP%2FZyzchO1C2jMHr25WDbE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf48b8df9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Will_Smith_Chris_Rock_Slap-1024x682.jpg
untoldtea.com/wp-content/uploads/2022/03/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/03/Will_Smith_Chris_Rock_Slap-1024x682.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac04eeafb37af7a83cf04b1140084bccf6b1a7f0945dcc6991e72e177a8cda40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,99b01799dc302f7b34b2c9354517c028ec3f8f327fa1260ef19fa5b236d95c88
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,99b01799dc302f7b34b2c9354517c028ec3f8f327fa1260ef19fa5b236d95c88
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92844
ki-cf-cache-status
SAVING
last-modified
Wed, 30 Mar 2022 15:14:34 GMT
server
cloudflare
etag
"624473da-16aac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=41riPdfAe1m6oWkB1sLHVjxECgpRKb5b2sk5Fr87v0OAXjHDvGvT295WfXFDNmyxX1LbFXJPSWK%2FQaCU0KSuaFB4B6YBe%2BgNPt3gxZXlb306MpBnFz6Lnx7QS0WCf%2BPopfGK0jOHFhaabzY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf48b8e09c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Mickey_Rourke-1024x1024.jpg
untoldtea.com/wp-content/uploads/2022/03/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/03/Mickey_Rourke-1024x1024.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43e1900b996638dcb8c823b8d34f0c15b64b6466daa544779373475688bce47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f56f9e900dacbe291d8dc1412a22c0477d29d209573d533c6bd5e72baab257c0
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f56f9e900dacbe291d8dc1412a22c0477d29d209573d533c6bd5e72baab257c0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
167531
ki-cf-cache-status
SAVING
last-modified
Fri, 25 Mar 2022 15:26:31 GMT
server
cloudflare
etag
"623ddf27-28e6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wl2WC9J5sDvEyqzMQ1J%2F%2B7RSZ%2FK%2B1kJglF3dp5roV8tT3Acvjq4%2F3O7s1J2vcM%2BHt1QO%2FaV73tE39%2Blgj1k7EC0pkfrPNVsCYTZ8ehLYfY3DCIWl10aRISBt2vsLttS%2BCbvdXycR%2BrQ3k%2Fk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf48b8e39c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
featured-and-starter1.jpg
untoldtea.com/wp-content/uploads/2021/05/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2021/05/featured-and-starter1.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3f23350801bfb77e60e7d8a2ac6e4be42ff80de8058ec36a1a05872260efe6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,42fade2813976c2b9e7985e27def55b8797b41be24ff28b8350dc365d3349e80
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,42fade2813976c2b9e7985e27def55b8797b41be24ff28b8350dc365d3349e80
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48489
ki-cf-cache-status
SAVING
last-modified
Tue, 18 May 2021 18:29:21 GMT
server
cloudflare
etag
"60a40781-bd69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O2NXIYvDLkPlSuhg%2BepyGiIqfWjF2EHy10mcFseOH%2BisWcGvpMH2v3N5aQrDjXsV8GuURdOaWMNk%2BQImiJOyDwALg7TrbVJr1jcOnRCu7GMBDFLiF%2Fq9WXJuUI7ImRo%2Bf3VhW7zSW%2FbsyBQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf48b8e69c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M28037773M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
490aad00b6bd63b6f5c8fc32383df57a8a3f072080b41da92cc3c6f38de5a81e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72381
x-xss-protection
0
expires
Tue, 09 Aug 2022 19:02:38 GMT
pushly-sdk.min.js
cdn.p-n.io/ 		301 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-6.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a36748707c0b45b1235bba73dc3ae3704ae9df49e2ec20744303830b1232c7d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 15:10:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"3719c549539b86d123ffb1220e16852e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
1rHN7szgNKnEeqUueJegAyCAEESYSsRG51C8e9sHKhhg1xlM1YrDUg==
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-105305343-4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c5e589617bec58c45103da60ec679daafe401e652ee2be76073ff75dc8a9a801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41896
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 09 Aug 2022 19:02:38 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/ 		339 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47155af482efe3d39c6353d59e4b5a3260bb9dc86095ce519d4e2248b43111e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122259
x-xss-protection
0
server
cafe
etag
6317173228496977903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 09 Aug 2022 19:02:38 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/ Frame A7BD 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73947
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 08 Aug 2022 22:30:11 GMT
etag
8616628553774171045
expires
Mon, 22 Aug 2022 22:30:11 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
336 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M28037773M&gtm=2oe880&_p=1911266942&cid=1508202224.1660071758&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660071758&sct=1&seg=0&dl=https%3A%2F%2Funtoldtea.com%2F&dt=Untoldtea&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M28037773M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:38 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		217 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=untoldtea.com&callback=_gfp_s_&client=ca-pub-6830231157845370
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
91a964a7a2ee2e2bb246cb8e1509b08f587703ddb9e9ea8a63ec5a0fc15aa40f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 19:02:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 2512 		243 KB
63 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&adk=1812271804&adf=3025194257&lmt=1660071758&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funtoldtea.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758289&bpp=7&bdt=1103&idt=159&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3853506256828&frm=20&pv=2&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=173
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f29c531e02f8b403d71333e1c306e5cbd7e06cd4d8ca9f4b4cc17df524558370
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
64457
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 19:02:39 GMT
expires
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4ABB 		88 KB
31 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b54157daebe5f7409aa328edac3eedaad3a857bec0dc4a1e255596ffe08bb50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32161
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 19:02:39 GMT
expires
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Adele_Live_2016_tour-1024x768.jpeg
untoldtea.com/wp-content/uploads/2022/01/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/01/Adele_Live_2016_tour-1024x768.jpeg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9392d4e02b4ad7004ce64bd640f411d9a2e5bfaf45139eed02ee5f4cd9d429
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,cec7a2c4b4e7c263f820b35f0a1779b07756e060dad3915a4799942dd15e5b9b
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,cec7a2c4b4e7c263f820b35f0a1779b07756e060dad3915a4799942dd15e5b9b
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117967
ki-cf-cache-status
SAVING
last-modified
Thu, 27 Jan 2022 00:04:21 GMT
server
cloudflare
etag
"61f1e185-1cccf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3p%2BTPkaQhh7hmZbylIk8ZZQJdr4yAhlqRprvj3kRcaH23w4Ellk0E72AImyMdu4kspR5sQNRv%2BbpIHZWdjF4LuI4lU4TrFPKlshzb7OMxUKfxw%2BrwRMSs2NRJwyYQednl8BERxL0C4BMfFE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7382bf4c9efd9c06-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
video-loader.js
cdn.avantisvideo.com/avm/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
age
50619
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
date
Tue, 09 Aug 2022 04:59:00 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
hXHn3GY0O4uMErDhSOur8SQSAuZC3gT7sRyNZPEunGcFM9-hezNQHQ==
home-load-more.php
untoldtea.com/wp-content/themes/astra-child/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/home-load-more.php?offset=0&limit=6
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51bc3ec40ff505092c6238dd0c859620b7f2bf1133480138de455706293d2d95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://untoldtea.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ki-edge
v=17.7
ki-cf-cache-status
BYPASS
x-kinsta-cache
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YBYlx7K5Fi7fChja8wT%2FW%2F0AwjYYzOHimZG5tgMsivajpXBRku9PNWt5kz%2FboQkx6BGgCBYfjDhehbxpK9i3pCJstKh2ZYc9oT%2FV9CTqEXFzOirOFp1ZTKSoXo9pFYfYJjUNqHzX8EeVmjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate
ki-cache-type
None
cf-ray
7382bf4caf149c06-FRA
x-edge-location-klb
1
expires
Thu, 19 Nov 1981 08:52:00 GMT
abc.txt
static.avantisvideo.com/data/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f800:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da380e464c375c94fb88968b3b86dbc3568455515fabae0ce17d80ebbd1876d8

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 11:37:21 GMT
content-encoding
gzip
last-modified
Tue, 09 Aug 2022 09:30:15 GMT
server
AmazonS3
age
26719
etag
W/"1886fe7715c96c0ec9f0a0d6026bcb3e"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
d5TH6_NWF93IxutdvbT-j1JeEdxTC9k4ml5Ctj1gSRTq5kvZTsS1tQ==
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
/
events1.avantisvideo.com/ 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame F215 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35673
content-encoding
gzip
content-type
text/html
date
Tue, 09 Aug 2022 09:08:06 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-id
8zS-QDCF-6I-Gw5FCVwPFzEcIJY3BFvNrs-0b1abRz4FcML_sUxhuA==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame 4ABB 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame 4ABB 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
css
fonts.googleapis.com/ Frame 4ABB 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:15:59 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 19:02:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 19:02:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 4ABB 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 4ABB 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:53:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 4ABB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:58:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4ABB 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 19:02:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 4ABB 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:28 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 4ABB 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 22:29:36 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/ 		150 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0c2096f72c5f22628809e7c6271e1ce7e1747f33d98490230dbdd5d16d476618
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54484
x-xss-protection
0
server
cafe
etag
16505829615472248957
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 09 Aug 2022 19:02:39 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8A4F 		91 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3421cd1be0974f8e634c4a499ccb51876f2ad992e8c9703152e0f00b9bbe28a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33975
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 19:02:39 GMT
expires
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 233E 		88 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17004487df2f28397d53056fc2005ebdcc01a93f9a188c0aa891322c548a7829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33633
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 19:02:39 GMT
expires
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 885C 		88 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b64b8a44321360581598d63ec1719031fe2b811184723cae236c56375038e9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
33677
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 19:02:39 GMT
expires
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
geoip
avm.avantisvideo.com/api/v1/ Frame F215 		196 B
950 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c576d283698ca89b20fde41b205ecea3f07bc91d64136b679d64775d3cd0bbcd
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
196
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Tue, 09 Aug 2022 19:02:39 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
w-0xlRIHT9_IgHttT-n8HRY0YgDbrkyNi2N8IDFG9pa-KW77Ighn_w==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Tue, 09 Aug 2022 19:02:39 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-id
f53R_WcBXFSTNciPGXqe2q3GFS33HCCn8d2tCC2bODBu5caickdonw==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/ Frame E57D 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 01:14:12 GMT
etag
8616628553774171045
expires
Tue, 23 Aug 2022 01:14:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/ Frame 3A74 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
64107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 01:14:12 GMT
etag
8616628553774171045
expires
Tue, 23 Aug 2022 01:14:12 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 4ABB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6uy9Tq_yYsnNIKHW7_UP8taO4Ars5oz7avvjl-DFD7K8ysCyDxABIMXPgAdglYKAgMgHoAGM99vdA8gBAakCNm2BKK8msT6oAwHIA8sEqgTKAU_Q3wQ6JcTn_cRqlk-pY7989YNNKIDXcx_eGbXtT2Tg9ZPJ34vrrFnvz7QsboEdhx6gAlkxoBtUDr2eQR11_2T5TQY0-iMeCJwfDewN3ZujZgAWm_QGVHdFzMchZz1X1NP2iqCelfZ0M2le3HNOy0zD6rJoY_fOGKX3uiSwDgZVZZVJDLLk1JorWeMi4-iuZkOyDJkCTne6xuSL052ZauoqA5ivVb5pvXYnAgKigVwC-atDA1V_lzX_BbBoc990c5IJ89veEXIO-b3ABJelqqb2A5IFBAgEGAGSBQQIBRgEgAfxm4EkqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQkvUS0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFATQFQGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=eqiC1GURgq8&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 09 Aug 2022 19:02:39 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame B585 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 18:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4ABB 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1352b560598924c5845123efc92550cb92213307fd41d40468a32220962a623d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
css2
fonts.googleapis.com/ Frame E57D 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:19:06 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 19:02:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 19:02:39 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E57D 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:20:22 GMT
x-content-type-options
nosniff
age
2537
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Aug 2023 18:20:22 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame E57D 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:03:11 GMT
x-content-type-options
nosniff
age
3568
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 09 Aug 2023 18:03:11 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/ Frame E57D 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 17:45:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8392
x-xss-protection
0
server
cafe
etag
14983445617412810031
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 17:45:54 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3A74 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CoT-BTq_yYszfIL2K9u8Pjq2o-AH-k5LEa8_J8t_-DwsQASDFz4AHYJWCgIDIB6ABmY7Z6gLIAQKoAwHIA8kEqgTCAU_QPiX-X6fIek3PgwEYCufXOiy_Fu2Mxyitqv2xss63l-4YyXAPn3lc3ZPeiuBENyooOHDg_f0_6N4UFWvfR6hYOuNndx5YtUFJVReKhBh5ee2TVihvxXSMwPkX9NDEGtHW59ShvvlAtXd-O_pZQUraa6CnVHkqBXBRz2arMQ7GouXqxYSgnmjXQ3DfcVLG_w3W5oXCtIm3USIhM5gYqxuxdYVa7js2k1b99u_8yjdJvIl4JJlnjpX19_qw-OQBxZXewASUoLX1-QOSBQQIBBgBkgUECAUYBKAGAoAH7NT26QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCAiFHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi02ODMwMjMxMTU3ODQ1MzcwGAA&sigh=3lMglNsx7q0&uach_m=[UACH]
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 3A74 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:53:07 GMT
15107460661350221877
tpc.googlesyndication.com/daca_images/simgad/ Frame 3A74 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/15107460661350221877
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e66d78d5f351d6676230268f7db5532d1e1211cfbacae7f5af2b25bfd457e0d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Fri, 05 Aug 2022 06:41:03 GMT
x-content-type-options
nosniff
age
390096
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32035
x-xss-protection
0
last-modified
Mon, 23 May 2022 17:28:33 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 05 Aug 2023 06:41:03 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 3A74 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:58:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3A74 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 19:02:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 3A74 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:28 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 3A74 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 09:25:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34636
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
server
cafe
etag
4827693875121430507
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 09:25:23 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame B585
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:39 GMT
expires
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105305343-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
39
date
Tue, 09 Aug 2022 19:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 09 Aug 2022 21:02:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4ABB 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 20:36:54 GMT
x-content-type-options
nosniff
age
512745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 20:36:54 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4684 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 18:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame DC25 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame DC25 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:53:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame DC25 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:58:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DC25 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 19:02:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame DC25 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:28 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame DC25 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 22:29:36 GMT
pushly-sdk.min.css
cdn.p-n.io/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.css?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-6.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 11:37:21 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 18:34:08 GMT
server
AmazonS3
age
26719
etag
W/"f3cd76bbdf477b890d940ce319bd1d16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
GyevKHbG3yljcQp_Lh35tuUMfTiEbSEqXpZL85-3YXs5hWtX9mkWdw==
truncated
/ Frame 3A74 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14956007a3a1976ad341e80da9bd37969ab26f2fe2d189861523719cbf47415d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4684
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:39 GMT
expires
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1911266942&t=pageview&_s=1&dl=https%3A%2F%2Funtoldtea.com%2F&ul=en-us&de=UTF-8&dt=Untoldtea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=2041861714&gjid=185526855&cid=1508202224.1660071758&tid=UA-105305343-4&_gid=1441690982.1660071760&_r=1&gtm=2ou880&z=775615656
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 3E2B 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
20735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:17:04 GMT
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 0760 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071758&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071758296&bpp=2&bdt=1110&idt=171&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wyxJKPufgs&p=https%3A//untoldtea.com&dtd=174
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
20735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:17:04 GMT
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame F923 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
20735
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:17:04 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105305343-4&cid=1508202224.1660071758&jid=2041861714&gjid=185526855&_gid=1441690982.1660071760&_u=YADAAUAAAAAAAC~&z=1859463480
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 09 Aug 2022 19:02:39 GMT
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame 8A4F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame 8A4F 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
css
fonts.googleapis.com/ Frame 8A4F 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:21:23 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 19:02:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 19:02:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 8A4F 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 8A4F 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:53:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 8A4F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:58:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8A4F 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 19:02:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 8A4F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:28 GMT
l
www.google.com/ads/measurement/ Frame 8A4F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxSN6zgD3LNCctQwWdyGEgDVV1AJqbVhRNJ0HTYT7IuayCpX9oMicM1Fop0QZ1cteO7kc_Zz_HG1B-rteDK8Jx__TBfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 8A4F 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 22:29:36 GMT
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame 885C 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame 885C 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
css
fonts.googleapis.com/ Frame 885C 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:24:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 19:02:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 19:02:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 885C 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 885C 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:53:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 885C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:58:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 885C 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 19:02:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 885C 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:28 GMT
l
www.google.com/ads/measurement/ Frame 885C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQkguZuPKt6aVeY6XWTUmp8--ab7wCaPpbCfMG-CL6r4gcxirJLIrRQ2aLoFmOYfNMJ1Vgp7lfma5CDdvfx4_5RfWvYAw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 885C 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 22:29:36 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 04:07:35 GMT
content-encoding
gzip
last-modified
Sun, 31 Jul 2022 08:12:47 GMT
server
AmazonS3
age
53705
etag
W/"7b1a9ceb08392f5edf168e210f7c817e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
Usl28QWcpcQuVgqctq_iPLAQIzTzuE9F
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
i79zDguZZAm2_5uAPGGZcgZWD4CdtI1bv5NWn6ABVme829iP0OvEiQ==
event-stream
k.p-n.io/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.183.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-183-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 09 Aug 2022 19:02:39 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
event-stream
k.p-n.io/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.183.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-183-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Tue, 09 Aug 2022 19:02:39 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
adview
googleads.g.doubleclick.net/pagead/ Frame 8A4F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CdV68T6_yYuiQC_Ok9u8PkZCX4ALl87OOY6LVg5mjDdj3i9rGExABIMXPgAdglYKAgMgHoAGzhNKVA8gBAagDAcgDywSqBMQBT9C2hg8J3sC_b7UuBfXmVxvNGzKxZRSzjVFzO54uth_Lj2h-jCZSeiWB9whPrYI-1x5nTy_zV2iiIYVa8uaY1Pu7ciIrEmnHVMNsAwt0U6z0cxDuf4ljy4naqsf5NsAa57vc5meyrKBPL8Ekq6CE-AIVsN4jzY-KM1K5YUcBmFKAuWldlwcUPazA7j26gTLwSCb2aQ2UDPJwrhunxigxIicNGkfPvEdTeZ7vQ4AMe_7I7W9xss5jXmEnLLT8VYoSQsNpi8AEuP3pwNIDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGAB7X7rWqoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDu9AXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi02ODMwMjMxMTU3ODQ1MzcwGAA&sigh=YQb_a9RwXaY&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame DC7B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 18:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4ED2 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 14:00:52 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 14:00:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 885C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZnSgT6_yYviyENSX_tMP2fKucOXzs45jotWDmaMN2PeL2sYTEAEgxc-AB2CVgoCAyAegAbOE0pUDyAEBqAMByAPLBKoEwwFP0MyT2uyh4LOrP5DuSJu-KfQDTVbMhpdikkc3DMAgLFlthDolmCh__Qjzohf5z3aWVeRFrQJNM7BsFHZAuPqhfWu-jlVh2fhyWMeH6QhkwQmdnl3PhORGxbJXGRuWqzBIrXS6JP7q28WqHe8V_Od-W12Q0zX_bXUzZ3E7lSPhiSVwdED-EHqkvpAOWj3C9VXSp6HcMsSdPypbHEQuk4uquHyPt1Nu7WsPFEtkOVAqQqHYTxUQk2BfQqqvB-i589n7-IXABLj96cDSA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAe1-61qqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQxawb0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=7_22H_9kn6M&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Aug 2022 19:02:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 1321 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 18:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame B894 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18107
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 14:00:52 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 14:00:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 885C 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c407f13f39e7c59c2c3ea46ff049dd4dc2373c1f656243daf5a00593fc414e39

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 8A4F 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
12d411fab4581991143974d4735693df196aa1d69fc41db2acd42c96ee38ba24

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 8A4F 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 20:36:54 GMT
x-content-type-options
nosniff
age
512745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 20:36:54 GMT
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame 233E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame 233E 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
425824
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
css
fonts.googleapis.com/ Frame 233E 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:803::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 09 Aug 2022 18:24:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 09 Aug 2022 19:02:39 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 09 Aug 2022 19:02:39 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 233E 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:37 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/ Frame 233E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:53:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
572
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:53:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 233E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:58:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
227
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:58:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 233E 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 19:02:39 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/ Frame 233E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220804/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 18:57:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 18:57:28 GMT
l
www.google.com/ads/measurement/ Frame 233E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQYuYLcN5sOxwYXn2WrT71X24lfog1IsS7RVKiEnja_FtoTZJvNsee7MHyljEqS6z14tsv4dDzh6JbIp6-s43eQ880hA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 233E 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:29:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
505983
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 01 Nov 2022 22:29:36 GMT
dpixel
cms.quantserve.com/ Frame 4ED2 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMjPp6hpnrTDnhRlozdnlQE&google_cver=1&google_push=AehlK4AA7GiB-cUNcnksVU-z0ctq5wUd6I97-tBszg45MBwsfueUoThbT1L7NQ51xUR4cJZulzEbEm0M3obI2yuJRfoJsMqhVY8-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4ED2
Redirect Chain
  • https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4AFQ7G6JOL1t2rGtnhLEBcCvwoX9hTVgK4FrLW5mK0_oBSZp9bwqaIpFR6GUqO21iM9noqKzi2a_Ti9e2hYmR5BOHDndwqQ&google_gid=CAESEIiFukcoxP9AIp-sXc9-nNw&goo...
  • https://id.rlcdn.com/1000.gif?memo=CK69HBoNCNDeypcGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BZWhsSzRBRlE3RzZKT0wxdDJyR3RuaExFQmNDdndvWDloVFZnSzRGckxXNW1LMF9vQlNacDlid3FhSXBGUjZHVXFPMjFpTTlub3FLemkyYV9UaTllMm...
  • https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwR2lwNXpwQTZMUktaRGs3RmZNUlp1TVZmMEt3Tlh3RzhSc25MQ256MXpvTQ==&google_push
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwR2lwNXpwQTZMUktaRGs3RmZNUlp1TVZmMEt3Tlh3RzhSc25MQ256MXpvTQ==&google_push
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 09 Aug 2022 19:02:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwR2lwNXpwQTZMUktaRGs3RmZNUlp1TVZmMEt3Tlh3RzhSc25MQ256MXpvTQ==&google_push
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 4ED2 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEMUjNi4NHwsJDRCP3iWweaI&google_cver=1&google_push=AehlK4DgFm1vvKu-fX0RNXezBb_rh3EpBjp2xMF2NhypMCNEtRC4fnuvITlqLAbXSyPxlokoy00LHeNOtzS3y3LNX8vVXl7JUkQI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ia8592obj12m0lngf2v6r3c3smldqbvc
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4ED2 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHkN2ZkK8oRqlVBHFu8hr2c&google_cver=1&google_push=AehlK4BS2Cubvj2u1RUoaGmvdVJcmvmz30c24H-7EWfbcU6K3oKli__L3rRLuzyfYqVYYixmz5UpJVnjBRLxLX_40LpOpP3-dpb4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4ED2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAtbWlMQuJJUjHBeuPnYhCc&google_cver=1&google_push=AehlK4BYyjOFXh_cyPsI-70z0T9PlUxhvupRx1-pdB900HiYEyzvz5OAlUwuX4Ece_b8KjMn4dY...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWUUtVC0yVTBN&google_push=AehlK4BYyjOFXh_cyPsI-70z0T9PlUxhvupRx1-pdB900HiYEyzvz5OAlUwuX4Ece_b8KjMn4dY8yB4Hj-5fM6wvBHwduuXocf9R
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWUUtVC0yVTBN&google_push=AehlK4BYyjOFXh_cyPsI-70z0T9PlUxhvupRx1-pdB900HiYEyzvz5OAlUwuX4Ece_b8KjMn4dY8yB4Hj-5fM6wvBHwduuXocf9R
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWUUtVC0yVTBN&google_push=AehlK4BYyjOFXh_cyPsI-70z0T9PlUxhvupRx1-pdB900HiYEyzvz5OAlUwuX4Ece_b8KjMn4dY8yB4Hj-5fM6wvBHwduuXocf9R
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4ED2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJOMCW5-ZC7nja53-ngVKPo&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJOMCW5-ZC7nja53-ngVKPo&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJOMCW5-ZC7nja53-ngVKPo&google_hm=YvKvUEbarfTEipg6GmMhrAAAFB8AAAAB&google_nid=index&google_push=AehlK4BAouknGzBq5U2jxXnPbeJmyWOxAA29w...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJOMCW5-ZC7nja53-ngVKPo&google_hm=YvKvUEbarfTEipg6GmMhrAAAFB8AAAAB&google_nid=index&google_push=AehlK4BAouknGzBq5U2jxXnPbeJmyWOxAA29wtmWyIXIu1VcFvhKwbqTM-L7Dvryy55_OljUY3OXEv5c-BTlmEzsqFBR9ZySF4M
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SThNNzKxzyMIuwGO5pbp%2FHtyH7cF6wy1pLCveMSxocJtLo%2FbfZMZLp37R8%2BsyRKpUKomO0RhBf2BDHsdCAWaAOvKILlnCkLhxjLflmzUYySOCUaolnTJO33%2B4P2HA5CvqE9XfKsWqOEi6g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJOMCW5-ZC7nja53-ngVKPo&google_hm=YvKvUEbarfTEipg6GmMhrAAAFB8AAAAB&google_nid=index&google_push=AehlK4BAouknGzBq5U2jxXnPbeJmyWOxAA29wtmWyIXIu1VcFvhKwbqTM-L7Dvryy55_OljUY3OXEv5c-BTlmEzsqFBR9ZySF4M
cache-control
no-cache
cf-ray
7382bf54beb79235-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 4ED2 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 4ED2 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InCepd-Uvqq5sAi7nJqpAvuSr3gjJjtfy2WinosFrK5i0W4fU7gS2vSfk7W9IOuV6ZKSsDoQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 885C 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 20:36:54 GMT
x-content-type-options
nosniff
age
512745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 20:36:54 GMT
dpixel
cms.quantserve.com/ Frame B894 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELK90vqFvsUiIbigII5bsUc&google_cver=1&google_push=AehlK4AUlYYtbPS2xVCmJFQFddp4r1eU6hdtytYC6EC9SwEIV17UXxUEvZ52qsQAm-VTL3Nrq0sGNoAHgep9tT-VVacnRZLA8AWu
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame B894
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4BCp8oQ2W485AwS2935T5P_thSR2LowQqb_Kml...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZLdlVBQUFCZE5WdFdobg&google_push=AehlK4BCp8oQ2W485AwS2935T5P_thSR2LowQqb_KmlkkOjYa4j46HLz1xkRBM4Lj48uJFI9VkUuNmaNL7n8Fk7RcVgUYfro24pY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZLdlVBQUFCZE5WdFdobg&google_push=AehlK4BCp8oQ2W485AwS2935T5P_thSR2LowQqb_KmlkkOjYa4j46HLz1xkRBM4Lj48uJFI9VkUuNmaNL7n8Fk7RcVgUYfro24pY
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZLdlVBQUFCZE5WdFdobg&google_push=AehlK4BCp8oQ2W485AwS2935T5P_thSR2LowQqb_KmlkkOjYa4j46HLz1xkRBM4Lj48uJFI9VkUuNmaNL7n8Fk7RcVgUYfro24pY
Date
Tue, 09 Aug 2022 19:02:40 GMT
Server
Apache
Connection
keep-alive
Content-Length
391
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame B894
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEI_2UwvFuAYRRZxYoVa8WhM&google_cver=1&google_push=AehlK4AW7bdtA9CM393jsCp4Lp2_Yc9KL6OcWJn-c-ZXuL2zOBw8yt0d4LF1heR3sLyIdP6cxNTZLRZhh-_KH02y0CGqdgph5EW7
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AW7bdtA9CM393jsCp4Lp2_Yc9KL6OcWJn-c-ZXuL2zOBw8yt0d4LF1heR3sLyIdP6cxNTZLRZhh-_KH02y0CGqdgph5EW7&google_hm=Q0FFU0VJXzJVd3ZGdUFZU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AW7bdtA9CM393jsCp4Lp2_Yc9KL6OcWJn-c-ZXuL2zOBw8yt0d4LF1heR3sLyIdP6cxNTZLRZhh-_KH02y0CGqdgph5EW7&google_hm=Q0FFU0VJXzJVd3ZGdUFZUlJaeFlvVmE4V2hN
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 19:02:40 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4AW7bdtA9CM393jsCp4Lp2_Yc9KL6OcWJn-c-ZXuL2zOBw8yt0d4LF1heR3sLyIdP6cxNTZLRZhh-_KH02y0CGqdgph5EW7&google_hm=Q0FFU0VJXzJVd3ZGdUFZUlJaeFlvVmE4V2hN
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame B894 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEAWVjJRgwAw-CtPCQRSMML4&google_cver=1&google_push=AehlK4Ca0UFpFcy85xLMqy-ivXjZbElRAg7ktM5EMqc9-t5NJ_-vuE4OfTha9Mf0dEV34U91fbQtI2Db0UQN6TyxQiv-TxllYCaR
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
ekjfb37av987i2ic6k3v0m46i6q202u6
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B894 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHe8nMAMLxOEpDETSz2L8QU&google_cver=1&google_push=AehlK4DsFdIepC0KE25eBQJCEZh_5RUmUSaqxOf6Iu-5o9t796D55UwxfQVxqxwEv0_eKz39dJUrOlqFgA5Dug9K_PXiaRC4DCMq
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame B894
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOnuoelSyKzYsuil8OClrkI&google_cver=1&google_push=AehlK4ARBLuSaryUniqs4-n77wzkpn0YketSlqljuaLcpJu3cx7UbW1Yp_qn_M2PDEIwtUaHCS8...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWUgtMUgtSlNIWg==&google_push=AehlK4ARBLuSaryUniqs4-n77wzkpn0YketSlqljuaLcpJu3cx7UbW1Yp_qn_M2PDEIwtUaHCS8jN5GeGVaFe9qy7D_ypr-D-wsT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWUgtMUgtSlNIWg==&google_push=AehlK4ARBLuSaryUniqs4-n77wzkpn0YketSlqljuaLcpJu3cx7UbW1Yp_qn_M2PDEIwtUaHCS8jN5GeGVaFe9qy7D_ypr-D-wsT
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWUgtMUgtSlNIWg==&google_push=AehlK4ARBLuSaryUniqs4-n77wzkpn0YketSlqljuaLcpJu3cx7UbW1Yp_qn_M2PDEIwtUaHCS8jN5GeGVaFe9qy7D_ypr-D-wsT
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
Expires
0
pixel
cm.g.doubleclick.net/ Frame B894
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKuAKAos3o4XwMWHGqt54pI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEKuAKAos3o4XwMWHGqt54pI&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKuAKAos3o4XwMWHGqt54pI&google_hm=YvKvUEbarfTEipg6GmMhrAAAFB8AAAAB&google_nid=index&google_push=AehlK4Dj1oidLrQzmNuvfh1FgKnP6wa77ZjDh...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKuAKAos3o4XwMWHGqt54pI&google_hm=YvKvUEbarfTEipg6GmMhrAAAFB8AAAAB&google_nid=index&google_push=AehlK4Dj1oidLrQzmNuvfh1FgKnP6wa77ZjDhNiReuGeXENORT7XFBJj8iqyhnXsExn9uGeh_u1EBbDCCV8dCT3LAPN_TWsbEjcN
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XkvFcToifODa3ACs97EqLwSj6ERGzRgNUR4O96ofk6dxVJ2aI6rli2KbLxHGrkF%2FOnOL5%2Fo%2FPYz6z%2FKFKJiBphlMvw3mFp%2FvIggLSJeNJsIUoqNSj13Jrxv1FsDiujvbUas7Fcuc8tXf9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEKuAKAos3o4XwMWHGqt54pI&google_hm=YvKvUEbarfTEipg6GmMhrAAAFB8AAAAB&google_nid=index&google_push=AehlK4Dj1oidLrQzmNuvfh1FgKnP6wa77ZjDhNiReuGeXENORT7XFBJj8iqyhnXsExn9uGeh_u1EBbDCCV8dCT3LAPN_TWsbEjcN
cache-control
no-cache
cf-ray
7382bf54beb99235-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame B894 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KdJDi4m_3WsttBaVq9pAbm5Y1nScqTjiJcvQ-pZUOlOwpQrmnqC7xCb7ZbJQJ9-lEa98iD
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame DC7B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:40 GMT
expires
Tue, 09 Aug 2022 19:02:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:39 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
t
avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Funtoldtea.com%2F&eu=true&country=DE&hour=19&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a0f1c6b1e996a2b0f7d70cfe22c8607569acc3ca480af1f703ec61ef7e1fd43
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://untoldtea.com
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
ypGpVwXdHxvVtV1Z7FPAqqNy_S-6t_YW3jsmvtr4N0XTv0N62QxhwQ==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 1321
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:40 GMT
expires
Tue, 09 Aug 2022 19:02:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
t
avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Funtoldtea.com%2F&eu=true&country=DE&hour=19&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:7a00:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://untoldtea.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Tue, 09 Aug 2022 19:02:40 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-cf-id
6E3MGEY9hz5ElNu2oZ-Mbp4wK8D0St5gwzwLe-PcUw7hGoeSo5mcvQ==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 233E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cxr6IT6_yYoycENqMngW2tZ2QB-Xzs45jotWDmaMN2PeL2sYTEAEgxc-AB2CVgoCAyAegAbOE0pUDyAEBqAMByAPLBKoEyQFP0GBrVVEQzaoFC0GHPruhHrUtyh-a6_oeEFHvkSGbdqHGpJInzyK89Ax9H248H-8Y130esW49g0NuHb5rBN9clGYtnPiQB_Om0Ae4AzqIX88eS-rCv4m1Ixr6PvOXSSrlmXnEVji3Pyh-ZMEx15MZ7OmY55V6D0V-3JL_wNA4wKvo0GmQTOpuU2qDnbz6KACUfxRq9-8B7ApVzZncb8VwUwbse243HSx055IWcZEv03AkbiyzHxFMMIDkrJdR2g0AiOiKZLCJBSjABLj96cDSA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAe1-61qqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQgMof0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=_OV1_4Dv3Bs&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 09 Aug 2022 19:02:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4759 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
3102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 18:10:58 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8BAA 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
18108
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 14:00:52 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 14:00:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 233E 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c59e55f3c5da2a46e07d25164e9e30ec29eeed48fe2d450c042302049b9b1a3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 233E 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 20:36:54 GMT
x-content-type-options
nosniff
age
512746
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 03 Aug 2023 20:36:54 GMT
dpixel
cms.quantserve.com/ Frame 8BAA 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEPDbeyo0EkV9Pp4qOSWSMgY&google_cver=1&google_push=AehlK4BWQ0wJWfXjGeOee9DyI1UqIssgSZuWJygVvI9AJnH7i_Dt-1KsXSWML-61A-vzrxBqE8OnYYwmApDdQOFyuzKTQ-UXSOUI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8BAA
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEJhX6Op9JVJ-eh-FMRejdlc&google_cver=1&google_push=AehlK4Ar0DbRdqHLqF0zu8AWKWHFr3o4389h_ALU0x3A1ZTPDdllcAgKzStWbpjCY-6m7cC3a-fFX41Pdek5KkdNGXa_ZPLKF-80
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4Ar0DbRdqHLqF0zu8AWKWHFr3o4389h_ALU0x3A1ZTPDdllcAgKzStWbpjCY-6m7cC3a-fFX41Pdek5KkdNGXa_ZPLKF-80&google_hm=Q0FFU0VKaFg2T3A5SlZKL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4Ar0DbRdqHLqF0zu8AWKWHFr3o4389h_ALU0x3A1ZTPDdllcAgKzStWbpjCY-6m7cC3a-fFX41Pdek5KkdNGXa_ZPLKF-80&google_hm=Q0FFU0VKaFg2T3A5SlZKLWVoLUZNUmVqZGxj
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 09 Aug 2022 19:02:39 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4Ar0DbRdqHLqF0zu8AWKWHFr3o4389h_ALU0x3A1ZTPDdllcAgKzStWbpjCY-6m7cC3a-fFX41Pdek5KkdNGXa_ZPLKF-80&google_hm=Q0FFU0VKaFg2T3A5SlZKLWVoLUZNUmVqZGxj
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 8BAA 		42 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BkmFFv0AYPTF7wRth4G9GdjqT9S1JdyzBw6muahqnmell7R0O4ZqkTB6_MnuUagbrw6JbMiLY6a_Wiq_UddO5QU3cbw-I&google_gid=CAESEP1S1evQtzryAvQWcPoPUGA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 19:02:40 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
dds
rtb.openx.net/sync/ Frame 8BAA 		43 B
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEM61BFWMejTbIprwAbrWrQ0&google_cver=1&google_push=AehlK4Bcq7br10ED63SrbVoDHjE4JfKbfqN_CCNIb5KpjEu5eEpJA_b2kLO9DL_T05L4LEAc9YyBYJeyosa9fd3Q0kvJP_zB3Zc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:39 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
p4t1684ruvg05p4ai0aok39qplvkp3ml
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8BAA 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBgTjUiDjdFY8Oj-D1UqIOk&google_cver=1&google_push=AehlK4Bf4zjeej88Eu6TTEqIFjBwOIweymkSdkqnMp5pu037-a4NbGAIbauV3uItOCLqaRz6AOFoPonazIadVrPQJLy4N7GYVp8B
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.36.113.23 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 8BAA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDg0YoS7xyj87KRVGV5saU8&google_cver=1&google_push=AehlK4Bj0kiUBWG7yv9TzHFCsejRO9gg-lyKAImJVvktEjZlOcCe3vkswEpI3Wusn8-HD8b74c0...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWjgtMU8tOEpPUQ==&google_push=AehlK4Bj0kiUBWG7yv9TzHFCsejRO9gg-lyKAImJVvktEjZlOcCe3vkswEpI3Wusn8-HD8b74c0ThZV84TOqHQuzrDoU8iouJbkS
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWjgtMU8tOEpPUQ==&google_push=AehlK4Bj0kiUBWG7yv9TzHFCsejRO9gg-lyKAImJVvktEjZlOcCe3vkswEpI3Wusn8-HD8b74c0ThZV84TOqHQuzrDoU8iouJbkS
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZNSlYzWjgtMU8tOEpPUQ==&google_push=AehlK4Bj0kiUBWG7yv9TzHFCsejRO9gg-lyKAImJVvktEjZlOcCe3vkswEpI3Wusn8-HD8b74c0ThZV84TOqHQuzrDoU8iouJbkS
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 8BAA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFoVxC0gb9bv6Hen2twk36E&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEFoVxC0gb9bv6Hen2twk36E&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFoVxC0gb9bv6Hen2twk36E&google_hm=YvKvUG93zVklkcFA2h0aRAAABJgAAAAB&google_nid=index&google_push=AehlK4B8VCIFACVeN4-GFQt1FHVj9-6DdvsqJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFoVxC0gb9bv6Hen2twk36E&google_hm=YvKvUG93zVklkcFA2h0aRAAABJgAAAAB&google_nid=index&google_push=AehlK4B8VCIFACVeN4-GFQt1FHVj9-6DdvsqJLGVQhRGkjq6Kugu3ccGnk-JgXrWJIMwTWevSPz0vcBO9uCzGcqpUrwptORXeev9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LVE607BZMsXw9JZ3s3pIaEz%2FRISweD14UafQC9bhiWeDspV6btfhw4BiWv9fFDyVIBPO%2FGff8AI9jW7doipZz1V3d924vGH9A5Jm6BKhMHAHbR4j9AHIRwZSHuEob%2FWTvbT78JB%2BdB0ivg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFoVxC0gb9bv6Hen2twk36E&google_hm=YvKvUG93zVklkcFA2h0aRAAABJgAAAAB&google_nid=index&google_push=AehlK4B8VCIFACVeN4-GFQt1FHVj9-6DdvsqJLGVQhRGkjq6Kugu3ccGnk-JgXrWJIMwTWevSPz0vcBO9uCzGcqpUrwptORXeev9
cache-control
no-cache
cf-ray
7382bf54beb89235-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 8BAA 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSQO--B7nmv1n5KgeOmixHsCYTEamzMUvEMYL5PWlsZptROu5f5DndK1bUBkDK89Ty2E-o
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4759
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:40 GMT
expires
Tue, 09 Aug 2022 19:02:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 09 Aug 2022 19:02:40 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 46B8 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280&nras=3&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=35obXOc1Tt&p=https%3A//untoldtea.com&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
20736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:17:04 GMT
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 486F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1961&idt=0&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=gCxXCjV9r9&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
20736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:17:04 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220808&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c3e54cb2c3090d23d9c1380c7309a033942aeeb7d595b968e90be75d26dff30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 09 Aug 2022 19:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11088
x-xss-protection
0
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 6CA4 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660071759&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1660071759146&bpp=1&bdt=1960&idt=-M&shv=r20220808&mjsv=m202208010101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D06586e5c8e65b352-225bf556eacd00a9%3AT%3D1660071758%3ART%3D1660071758%3AS%3DALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=3853506256828&frm=20&pv=1&ga_vid=1508202224.1660071758&ga_sid=1660071758&ga_hid=1911266942&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763506&oid=2&pvsid=4083758493373177&tmod=1946106748&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=0K9HRgY5qM&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
20736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:17:04 GMT
2.0ea6592415db7f630eab-video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/2.0ea6592415db7f630eab-video-loader2.1-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f1fc7cfed804a07a47bb11a080c3251688c4df62455d5b296eed2ff806b08ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:10:48 GMT
content-encoding
gzip
last-modified
Sun, 31 Jul 2022 08:12:46 GMT
server
AmazonS3
age
17513
etag
W/"877651bae5882b405ee2d6c7879cc089"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
X0x1ohgLuQwdcmcojJpKQepQjoSaetGr
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
VxPuzHvTsu8G3U-Sa-a-KZw_AkQpkKzsjGI5N8CiC1VFX9-iUKux3g==
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 09 Aug 2022 19:02:40 GMT
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/2.0ea6592415db7f630eab-video-loader2.1-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Tue, 09 Aug 2022 19:02:40 GMT
X-GUploader-UploadID
ABg5-UyceNYD8FEdWQb3EsKqZxhyLaQsoF5fAeemPciJDGSGGF4ULfrcEwEz_akWP2UPcpXtifCcA1iL2DSxDFRze85Z1ot-ZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Tue, 09 Aug 2022 19:32:40 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2942 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
261
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 18:58:19 GMT
expires
Wed, 09 Aug 2023 18:58:19 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BE0B 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e89f34aaf9b8755da268cc46216ff9fbdd68686e174c3fcb87cc2945f5c17117
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bLilWm0bbPq_esyn7_7Jcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
510
content-security-policy
script-src 'report-sample' 'nonce-bLilWm0bbPq_esyn7_7Jcg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 19:02:40 GMT
expires
Tue, 09 Aug 2022 19:02:40 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
avcplayer_2_89.js
cdn.avantisvideo.com/js/ 		279 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:1000:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c412419bd084f758e76a6dde939c0f2d5a92a4b46f5cb3662c223dc1321dc8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
WJ3jJPCCM3aAkcwTY.vegsvtShd_34Wm
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 11:56:10 GMT
server
AmazonS3
age
47805
etag
W/"c6be89ee3bd8da9b1dbb4115606e1bbd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
date
Tue, 09 Aug 2022 05:45:56 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
OkX-dHsvBF_-mfRJfuKrLzl_bRMMj-IsTagOXXnkN-7_5W-nLfvHSQ==
sodar
pagead2.googlesyndication.com/pagead/ Frame BE0B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220808&jk=4083758493373177&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
pagead2.googlesyndication.com/bg/ Frame 2942 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/jjp8A9boDrBmSAr_yfbeEM1ThbAhpFVxRN30ZpHEy3Q.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 13:17:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
20736
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14162
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 09 Aug 2023 13:17:04 GMT
ins.txt
static.avantisvideo.com/data/ 		28 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/ins.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:f800:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da45ba0d70deb9fb60469491a48b8d3c35de86919a7a3a50a63f439e622321e4

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 11:37:22 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 08:05:53 GMT
server
AmazonS3
age
26718
etag
W/"15dd250762ab54d6ff995255934ac6fe"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
cLKgbxcaX4Um8NsvkjeoL6OYPLcTWJV7vc70UJ-sSmzfwwU42tbOPA==
via
1.1 0cef334729aed841ca9f130c177beeba.cloudfront.net (CloudFront)
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6837 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

unused62
8096267
date
Tue, 09 Aug 2022 19:02:40 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu6xL9vZrltTUvDKnXQzibfMA-uDG79tRFMOGfB_TO6CYIv2e3b12_ByRZhYw4vma0s_tGz-_OW10A0nnFeqrd3Bz98iA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==, md5=eIi5hljozvSph4ZVbM2rZg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Aug 2022 19:07:40 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 1B16 		387 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvCZwRGdTjbQjZ3NA15qBf6D_dlN5UXmXTEAzGyHSfceexCt3zYl9yrCMI65HCk9tvYolkfDxCyRPMvOPdYkLDBLQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
111956
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"903f07ee74bf08435b31bae7c312f6d2"
vary
Accept-Encoding
x-goog-hash
crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation
1659879239099576
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
111956
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Aug 2022 19:07:40 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4ABB 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssocEZ73AL-zVBTfPjTW01-5vD_Gdq7kjdJcfSS_lWZWVViA_N2Qxu167p7k0Vc2ME08aBbfsMGZe_mE2t22t4DvTW1NW2fTiuCJSpgotwmboOaho0H5nLqtM3qWU51bXcgHLoCLjezKkP7&sai=AMfl-YSlWcCW2jx8DmH3PHPDoApLIlsRN9e7yq6xYDVPspYLPukxSYNLXzdjqkr_1LkK4j_6w7qMMiBF7xXL&sig=Cg0ArKJSzAorQGXfGe4gEAE&id=lidar2&mcvt=1067&p=0,0,280,1200&mtos=1067,1067,1067,1067,1067&tos=1067,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660071758471&rpt=1124&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3A74 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSpQr0cBVAfZuD10iMn1lalPt7RKCq4ydhqLsrcLpdO0ndzJXco72XlhoLwAV75ymw6AmSpALd54f2XHmKmCtcNdzqBP290xwlZ2C-RIElPpsR77zmvib_NQYeDmPAl-lWe4_lC5MZYsm4&sai=AMfl-YS3il6tA8IOhtW9_cxuHawkzfNy5JPpRd6WIej3kWnqG3UMwZg_oxA8_1b7ybGWvy9Yiz-FKNIraqW_&sig=Cg0ArKJSzG4edguB40pREAE&id=lidar2&mcvt=1054&p=0,0,124,1005&mtos=122,792,1054,1153,1153&tos=122,670,262,99,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660071759216&rpt=301&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 09 Aug 2022 19:02:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 2942 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?DAABdg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=untoldtea.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=c84b0201-e447-4ac2-ba23-aec7279b06a2&rando=11&pid=61027ad23e194874003ad256&cid=61067b580d5316705a4e4044&stagid=&stplid=&e=inventory&vi=3&cb=1660071760838
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Funtoldtea.com%2F&AV_VIDEOURL=https%3A%2F%2Fcontent1.avantisvideo.com%2Fhls%2Fenvironment_01.m3u8%3Fid&tid=1&d=desktop&i=0&cc=DE&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=61027ad23e194874003ad256&AV_CHANNELID=61067b580d5316705a4e4044&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=untoldtea.com&AV_DADPOS=3&d36=6.2.41&responsive=1&sver=2&avtoken=760837&omv=1.0.1&clsid=c84b0201-e447-4ac2-ba23-aec7279b06a2&rando=11&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1660071760851
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.95.110.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-95-110-244.compute-1.amazonaws.com
Software
/
Resource Hash
86aa9e64139346a7561395aca7e35b23981f1bbd06363cbbd29109a1a208549a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 29 Jul 2022 05:16:01 GMT
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 19:02:40 GMT
environment_01.m3u8
content1.avantisvideo.com/hls/ 		20 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/environment_01.m3u8?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e220666c7e2ad9897caf9c87af3302d00f5383da329649148beb3ede661a9da5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:42 GMT
content-encoding
gzip
last-modified
Tue, 02 Nov 2021 08:58:08 GMT
server
AmazonS3
x-amz-cf-pop
VIE50-C2
etag
W/"be5d4ac68718a60b6bd4dcb4a418818d"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
x-amz-version-id
lrqjKoBfLYVwzWzCP76XybKNrKukI.5s
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-type
application/x-mpegURL
x-amz-cf-id
bBWdKCUQH2EPVhUuNvubSAkwf2hPvDTqQoy4stXbnW8DEg9ZutDliQ==
via
1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220808&jk=4083758493373177&bg=!AgGlAUXNAAZGjrx1Zo47ACkAdvg8WshFS5OmpHk3p3Bf4pRTJZNT4BOaATxXSYdj-9-zX6Pq7HKUBgIAAACuUgAAAAFoAQcKAJe35tszlrQqmeF2rfdKhgqfPsm9-wKbWV8E6IzwexfpV5WP9odgZZovnhJca2xiydtbJHqRSWYHG69NW00LsiHtHTx3nQyKNfPr43xEpXwqbbU-83UBiS1fjz2Yva1IGlywF9InKEfMEMOXfzosluV_nbtNl6Er8Jafs3pkfnIX6sBGvnK2KMkuy8pvP4dPQKp0NajNHxK9mQLQPqKwUt8dTtm5l0xMzmMZYZeKKRE18vb2PGPgs4laGTdxPPLykmiH9AGx1iCylucJHM5CR0VZCMTOyBcs5wTPTcw8tKC67cG6o--ylWsu0irPKpi-11wS-LScNmtjwcHJl1rTI1YFkArQm_71NRr8hQ1JQ8C8-Q448uu_HXkKs0HM7X_4Wu4-oUuYxyWi9CFAWWImkV7UgZNisKapDh4qj4DlyQsc2EhjTq5UM0hxlifvJQe32HAKr0fcVoJ9d2fUwg9eDGIfRhyWj5sope2AJTjwiJZRhWDuH20el4l1tx4CFch1Mn3LABhg_BPCybbWe5Bj3q_aJbFSmgh7gBCM4R9IO48c9tsStnS_wobL0wFHTEfnSGyPj868ZH76m3eB0gJDjfwTM2dxOe6ylfQ3zWV18VV2r9uTLdPhBTGzwco9LNvQMA8YXXiwBktbjRaVActjac8dXDsx6XjV5byy_ylV8tKNHm2yPXTpIUWaAf5CXf9x9Zqx5mm_Cgg_wt0F4-KwMCxtIXoaQj6TfUDTeGX0ib8o2PSd0vxGshNSbKuAzTyQeSkYsz-hzCpYm7BXFeSMT1QA2MppbjIsS3kYJPsAFrxX9ZkZR1rWkreeXu_vdyq6ef8Tb3SWL4EIen3RO9CzGo8ZD8tRhHhiLev_GG2PWKltwjFn2U85drvzjrTKEl17kRZ8s02Wl5ZBm4hZSqGlk77dFYl9FYRqx-8AdXtwP81DqW9v8VtQ7hAKZUpEt_4PegpAi0Ra0Fi7HioaaWbSN3Z_h0w8ZP-VezxvFR9TFN3tQdLtEOWzqJy9M5kdL5n9P6OXpKZcm2pXSxcsxo5pvdEvUgWjfrETfCmZAUVXU7zwGyUhs4D-ZlKc8PgiwdccVX9fGZK-JDyfaYGLpB5OdnaJyoDp159bwMq-0M9x5Hy9FXJb3YWW3Ql1pNbfkdU-8OnQ1uOjjBkiTwZW
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
cookiesyncendpoint
sync.aniview.com/ Frame FDB1
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660071761239-952592075006-006760-004-004094%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1660071761239-952592075006-006760-004-004094%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660071761239-952592075006-006760-004-004094&biddername=55&key=6520085987891123327
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1660071761239-952592075006-006760-004-004094&biddername=55&key=6520085987891123327
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.164.17.59 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-164-17-59.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Tue, 09 Aug 2022 19:02:41 GMT

Redirect headers

AN-X-Request-Uuid
a463e8c9-0c8c-44ec-a73e-c6628803ef1f
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Tue, 09 Aug 2022 19:02:41 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1660071761239-952592075006-006760-004-004094&biddername=55&key=6520085987891123327
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
84.19.175.165; 84.19.175.165; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1B16 		178 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:41 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvNTaLMxw2N6EgSmzqLD2A5j3PUaLSy6Cil2HnG5Rf80hoKAMSFO6l2cx478bau0FgGdyk-UFJgbYeBxZ3F1KeGVmn4LbJ8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"4ecda2f032d9e44c338b378388b06251"
vary
Accept-Encoding
x-goog-hash
crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation
1659879239799693
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Aug 2022 19:07:41 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1B16 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:41 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdudQuxd9AUwsDrPIbVBA-awfrpeAzcn4ZkShHlHBEHjNXomkJQn8sHn72kdsyE_lQOnLTJCJvdNYX7FTjqpA3QJ_w
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"2ae737f175c0550382b15b7d6f5922f5"
vary
Accept-Encoding
x-goog-hash
crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation
1659879239872223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Aug 2022 19:07:41 GMT
avpb6.27.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 1B16 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:41 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds0suCgssSGVzLiYo1z6SbiCdXjTbBiNOxn1AqVfXS9nB6BYCFYVlhFtImGYiow6Y3DavBYUY8y0_ebzlYrirB3Q6FJFAF_
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20618
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"b4637f2b16940536698574e508f06ce3"
vary
Accept-Encoding
x-goog-hash
crc32c=yl9jOw==, md5=tGN/KxaUBTZphXTlCPBs4w==
x-goog-generation
1659879239902979
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20618
accept-ranges
bytes
content-type
application/javascript
expires
Tue, 09 Aug 2022 19:07:41 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=29956&t=1660071761&cip=84.19.175.165&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660071761239-952592075006-006760-004-004094&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=92370042792&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=61027ad23e194874003ad256&nid=59918a0e073ef4782e4e347f&pcid=61067b580d5316705a4e4044&ncid=5d4aab3928a06112b42d3a48&pasid=61067aa179532c5124764e75&e=request&cb=1660071761309&asid=62bbf7673eb23545e442ec84%2C62bbf76153127b16df63a515&ofpr=2.92%2C2.42&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:41 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://untoldtea.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 09 Aug 2022 19:02:41 GMT
server
ATS/9.1.10.25
/
hb.emxdgt.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=7000&ts=1660071761427&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.86.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-86-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://untoldtea.com
date
Tue, 09 Aug 2022 19:02:41 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://untoldtea.com
date
Tue, 09 Aug 2022 19:02:42 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
environment_01.ts
content1.avantisvideo.com/hls/ 		834 KB
836 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/environment_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0dc1aafbca8fd28e5b6b13dd47513e4a441e92f370c4171a2438e8ff3e5f9966

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-854271

Response headers

date
Tue, 09 Aug 2022 19:02:43 GMT
via
1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
Content-Range
bytes 0-854271/266206684
Content-Length
854272
last-modified
Tue, 02 Nov 2021 08:57:58 GMT
server
AmazonS3
etag
"91b44901c89824d5518fb7ec201e514b-16"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
4Nh3pRm56NfaWsYsnWw1aX.IRuJZpO7U
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
KIb_t2IbRRnsuJLIXpn06fbWX36kShVLCWiA0BJk4_bhJ1QwEa8E3w==
cb1b8c01-3b6b-4e77-9286-99c0786041c6
https://untoldtea.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://untoldtea.com/cb1b8c01-3b6b-4e77-9286-99c0786041c6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 19:02:42 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=29956&t=1660071761&cip=84.19.175.165&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660071761239-952592075006-006760-004-004094&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=92370042792&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=61027ad23e194874003ad256&nid=59918a0e073ef4782e4e347f&pcid=61067b580d5316705a4e4044&ncid=5d4aab3928a06112b42d3a48&pasid=61067aa179532c5124764e75&e=request&cb=1660071762470&asid=62bbf7673eb23545e442ec84%2C62bbf76153127b16df63a515&ofpr=2.92%2C2.42&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 19:02:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://untoldtea.com
date
Tue, 09 Aug 2022 19:02:42 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=7000&ts=1660071762474&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.209.86.207 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-209-86-207.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://untoldtea.com
date
Tue, 09 Aug 2022 19:02:42 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.4.33.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-4-33-45.compute-1.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://untoldtea.com
access-control-max-age
600
age
0
content-length
0
date
Tue, 09 Aug 2022 19:02:42 GMT
server
ATS/9.1.10.25
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 19:02:42 GMT
check.html
biddr.brealtime.com/ Frame 78CB 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
2090
CF-Cache-Status
HIT
CF-RAY
7382bf672f078fe8-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 09 Aug 2022 19:02:43 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Tue, 09 Aug 2022 20:02:43 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
TZDfxO4uwORNUA/4irnRs9qqp9lI3eH+ruz8qqqAX5jBwgQ1rzgBbhsPKs2FgAnYzrbwWSW5JnM=
x-amz-request-id
15DYQDFYDGXZWWWF
check.html
biddr.brealtime.com/ Frame 44D2 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
4090
CF-Cache-Status
HIT
CF-RAY
7382bf672dc26922-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 09 Aug 2022 19:02:43 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Tue, 09 Aug 2022 20:02:43 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
environment_01.ts
content1.avantisvideo.com/hls/ 		802 KB
804 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/environment_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86f8fd7a9518c2750ac969f6f346f0ede9c662f5b9b8483ce7a07a47aa0abea2

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=854272-1675455

Response headers

date
Tue, 09 Aug 2022 19:02:44 GMT
via
1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
Content-Range
bytes 854272-1675455/266206684
Content-Length
821184
last-modified
Tue, 02 Nov 2021 08:57:58 GMT
server
AmazonS3
etag
"91b44901c89824d5518fb7ec201e514b-16"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
4Nh3pRm56NfaWsYsnWw1aX.IRuJZpO7U
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
804s3cK1oqv4QZiK53hshJKgN4f9n5ZFmpwf2gHsYkP1TMFjDV6tQA==
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.149.127.17 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-149-127-17.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Tue, 09 Aug 2022 19:02:43 GMT
environment_01.ts
content1.avantisvideo.com/hls/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/environment_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2171fad08ad72818af5d69d43092d3dc5af06c95a98e8d456da552290bdb2afe

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=1675456-3194307

Response headers

date
Tue, 09 Aug 2022 19:02:46 GMT
via
1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
Content-Range
bytes 1675456-3194307/266206684
Content-Length
1518852
last-modified
Tue, 02 Nov 2021 08:57:58 GMT
server
AmazonS3
etag
"91b44901c89824d5518fb7ec201e514b-16"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
4Nh3pRm56NfaWsYsnWw1aX.IRuJZpO7U
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
ugkfa-jdNMacrrlZz34JiHKmgP9YOFTV-ZK35s67X0y9Bh2idOAmyA==
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=29956&t=1660071761&cip=84.19.175.165&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660071761239-952592075006-006760-004-004094&cha=0.7&stagid=&stplid=&d35=&d36=6.2.41&cb=92370042792&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.189.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-189-122.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 09 Aug 2022 19:02:46 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
environment_01.ts
content1.avantisvideo.com/hls/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJApP-9kQd1UmlZeKaMnfIE&google_cver=1&google_push=AehlK4Dm7a00zXi28zkv_xH5klml1IqyNyx9aABOu8wP6bAgbawubcVbsv3oO-VYOhrD-8f7s3mueWUU52Szj9b2CrSzeOqtQHeknA
Domain
content1.avantisvideo.com
URL
https://content1.avantisvideo.com/hls/environment_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings function| $ function| jQuery object| myAjax object| dataLayer object| astra function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| popupTriggerClick function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| adsforwp_obj object| e object| adsforwp_browser_obj object| twemoji object| wp function| checkOrResult function| checkAndResult object| socialsnap_script function| ss_throttle object| socialsnapfields object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ object| IvorySearchVars function| ivory_search_analytics object| bootstrap function| loadMore object| google_llp object| googletag number| _swclk_ number| _swsts_ object| PushlySDK function| pushly function| gtag string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| avntsWebpackJsonp number| avnts_player number| link number| len object| avntsQ object| GoogleGcLKhOms object| com function| _avcp object| storageAni function| Hls object| google_image_requests

28 Cookies

Domain/Path Name / Value
untoldtea.com/ Name: PHPSESSID
Value: b167bc2ccea1be76eb32cbb740b262cd
.untoldtea.com/ Name: _ga_M28037773M
Value: GS1.1.1660071758.1.0.1660071758.0
.untoldtea.com/ Name: __gads
Value: ID=06586e5c8e65b352-225bf556eacd00a9:T=1660071758:RT=1660071758:S=ALNI_MYFCUK_lVIn2nEMw_D2zDoeWbirKA
.untoldtea.com/ Name: _pnvl
Value: false
.untoldtea.com/ Name: pushly.user_puuid
Value: CDlTAWj3bJFlhaSRmAwNyeGq4Pr3yH8v
.untoldtea.com/ Name: _pndnt
Value:
.doubleclick.net/ Name: DSID
Value: NO_DATA
.untoldtea.com/ Name: _ga
Value: GA1.2.1508202224.1660071758
.untoldtea.com/ Name: _gid
Value: GA1.2.1441690982.1660071760
.untoldtea.com/ Name: _gat_gtag_UA_105305343_4
Value: 1
.untoldtea.com/ Name: _pnlspid
Value: 14214
.untoldtea.com/ Name: _pnss
Value: dismissed
.untoldtea.com/ Name: _pnpdm
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUkxLuRqjno8kGrDEdfH2ejFHcNDRK5xygH0ScB4r4juFqpbSuVSbCYVzClr0SQ
.casalemedia.com/ Name: CMPS
Value: 1176
.rlcdn.com/ Name: rlas3
Value: GkQN0JT44dimiIuoq1bGQZohngm/ZeFKQI6JOq4B4Vw=
.agkn.com/ Name: u
Value: C|0CEAqhWvQKoVr0AAAAAAAAQ13AQCAAQpAAAAAAA
.agkn.com/ Name: ab
Value: 0001%3AsaJ%2Ff9GPf6OEhWAXfyHfJ1g6guhRUox6
.casalemedia.com/ Name: CMID
Value: YvKvUEbarfTEipg6GmMhrAAA
.casalemedia.com/ Name: CMPRO
Value: 5151
.casalemedia.com/ Name: CMTS
Value: 1167
.rlcdn.com/ Name: pxrc
Value: CNDeypcGEgUI6AcQABIGCOndKhAA
.quantserve.com/ Name: d
Value: EFYBCQHoJoEA
.quantserve.com/ Name: mc
Value: 62f2af50-8b612-ad221-d7f28
untoldtea.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: uuid2
Value: 6520085987891123327
.aniview.com/ Name: 2_C_55
Value: 6520085987891123327
sync.aniview.com/ Name: 2_C_55
Value: 6520085987891123327

1 Console Messages

Source Level URL
Text
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJApP-9kQd1UmlZeKaMnfIE&google_cver=1&google_push=AehlK4Dm7a00zXi28zkv_xH5klml1IqyNyx9aABOu8wP6bAgbawubcVbsv3oO-VYOhrD-8f7s3mueWUU52Szj9b2CrSzeOqtQHeknA
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
avm.avantisvideo.com
biddr.brealtime.com
c2shb.pubgw.yahoo.com
cdn.avantisvideo.com
cdn.p-n.io
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
content1.avantisvideo.com
d.agkn.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hb.emxdgt.com
id.rlcdn.com
image6.pubmatic.com
k.p-n.io
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
player.avplayer.com
region1.google-analytics.com
rtb.openx.net
secure.adnxs.com
ssum-sec.casalemedia.com
static.avantisvideo.com
stats.g.doubleclick.net
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
untoldtea.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
content1.avantisvideo.com
googlecm.hit.gemius.pl
104.17.119.107
104.18.18.126
104.36.113.23
142.250.184.194
18.66.112.6
185.89.210.212
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3b
216.58.212.130
2600:1f1c:a99:832c:e958:87e0:dc9b:7bb1
2600:9000:211a:aa00:1e:efeb:b400:93a1
2600:9000:2250:f800:8:9ed9:9c40:93a1
2600:9000:225e:7a00:3:748e:7940:93a1
2600:9000:2490:1000:1c:38a0:8a40:93a1
2606:4700:3032::ac43:a9f7
2606:4700:7::a29f:872a
2606:4700::6811:180e
2606:4700::6812:bcf
2a00:1450:4001:808::2003
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c0b::9c
2a00:1450:400e:803::200a
2a02:26f0:3500:595::2c79
2a02:26f0:3500:c::5c7b:6837
3.66.183.129
3.95.110.244
35.186.253.211
35.190.60.146
52.205.189.122
52.214.225.206
52.4.33.45
52.57.93.199
54.149.127.17
54.164.17.59
54.209.86.207
69.173.144.138
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
02485b5002931bad58070200b2d4840be5417300e68f7b56fcd8df5e89fbdb98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
0690513378222f5c1ebf04ecf138a70dde6a79cdf576990421de58631a9e5e29
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2096f72c5f22628809e7c6271e1ce7e1747f33d98490230dbdd5d16d476618
0dc1aafbca8fd28e5b6b13dd47513e4a441e92f370c4171a2438e8ff3e5f9966
1050861291360164827a3ca6086d3c7db90dff9cc1791a5989d2a7263dd14444
12d411fab4581991143974d4735693df196aa1d69fc41db2acd42c96ee38ba24
1352b560598924c5845123efc92550cb92213307fd41d40468a32220962a623d
14956007a3a1976ad341e80da9bd37969ab26f2fe2d189861523719cbf47415d
17004487df2f28397d53056fc2005ebdcc01a93f9a188c0aa891322c548a7829
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3
1f1fc7cfed804a07a47bb11a080c3251688c4df62455d5b296eed2ff806b08ee
2171fad08ad72818af5d69d43092d3dc5af06c95a98e8d456da552290bdb2afe
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
3421cd1be0974f8e634c4a499ccb51876f2ad992e8c9703152e0f00b9bbe28a7
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
41047c2e405e4a81db54ad12b94fcf1af427192f1dc192a3af2d6461fb197217
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
47155af482efe3d39c6353d59e4b5a3260bb9dc86095ce519d4e2248b43111e0
490aad00b6bd63b6f5c8fc32383df57a8a3f072080b41da92cc3c6f38de5a81e
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c3e54cb2c3090d23d9c1380c7309a033942aeeb7d595b968e90be75d26dff30
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51bc3ec40ff505092c6238dd0c859620b7f2bf1133480138de455706293d2d95
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
59447f4df0ba3b68e2ac9fbc2b29bb1836a9d686f35dbc8ae6ff21ff80a971fa
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b9392d4e02b4ad7004ce64bd640f411d9a2e5bfaf45139eed02ee5f4cd9d429
5c412419bd084f758e76a6dde939c0f2d5a92a4b46f5cb3662c223dc1321dc8f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
7528e02359e1b7be3fc4ab11fb535bad3ae0517811fd2dcb4b1a640b99eef509
7a0f1c6b1e996a2b0f7d70cfe22c8607569acc3ca480af1f703ec61ef7e1fd43
7b54157daebe5f7409aa328edac3eedaad3a857bec0dc4a1e255596ffe08bb50
7d808f473df9242e29b4360126b8581260c4129b67804afb69fe65cd1c06e326
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86aa9e64139346a7561395aca7e35b23981f1bbd06363cbbd29109a1a208549a
86f8fd7a9518c2750ac969f6f346f0ede9c662f5b9b8483ce7a07a47aa0abea2
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8886097d7db5d7039926bca67738c05ecb2f56dc915bf38ab14284b62c5f7374
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5
8b64b8a44321360581598d63ec1719031fe2b811184723cae236c56375038e9b
8e3a7c03d6e80eb066480affc9f6de10cd5385b021a4557144ddf46691c4cb74
91a964a7a2ee2e2bb246cb8e1509b08f587703ddb9e9ea8a63ec5a0fc15aa40f
925b9584bd4a9328e5a11c4a4f9791d9f1274eb3a61fd20bcbbe1c6a37c72860
92c4f926de2397eb436550ea57ef9c8b4fdef260363b76ca8d190ee6dbaaa332
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0
a1bde9723707120c185a30d2e857a8a02a71fa16b6a78b9e6e84121aa4be000e
a2ab367a4a8f768121fb5441a3bfb48eddcb4c01192955a39f25cd1e415b7010
a36748707c0b45b1235bba73dc3ae3704ae9df49e2ec20744303830b1232c7d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ac95966b650e8965bf7c8073300b44b8fdb2577d74032e51f89ab2ab7eaeac
a90aca35a8ccddb6b126087e361d3b0f51ea363ba6ee1e99eda4cb3637f0b110
ac04eeafb37af7a83cf04b1140084bccf6b1a7f0945dcc6991e72e177a8cda40
ad3f23350801bfb77e60e7d8a2ac6e4be42ff80de8058ec36a1a05872260efe6
b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162
b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c407f13f39e7c59c2c3ea46ff049dd4dc2373c1f656243daf5a00593fc414e39
c576d283698ca89b20fde41b205ecea3f07bc91d64136b679d64775d3cd0bbcd
c59e55f3c5da2a46e07d25164e9e30ec29eeed48fe2d450c042302049b9b1a3f
c5e589617bec58c45103da60ec679daafe401e652ee2be76073ff75dc8a9a801
c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
da380e464c375c94fb88968b3b86dbc3568455515fabae0ce17d80ebbd1876d8
da45ba0d70deb9fb60469491a48b8d3c35de86919a7a3a50a63f439e622321e4
dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e220666c7e2ad9897caf9c87af3302d00f5383da329649148beb3ede661a9da5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66d78d5f351d6676230268f7db5532d1e1211cfbacae7f5af2b25bfd457e0d5
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
e89f34aaf9b8755da268cc46216ff9fbdd68686e174c3fcb87cc2945f5c17117
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29c531e02f8b403d71333e1c306e5cbd7e06cd4d8ca9f4b4cc17df524558370
f2fad7a0d8b919e9de69ae754cccb5644fb41e2f34664bc33999777fc4a4e3fc
f43e1900b996638dcb8c823b8d34f0c15b64b6466daa544779373475688bce47
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e