getalldayslimmingtea.com Open in urlscan Pro
2606:4700:3033::6815:7de Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://emailaccelator.shop/mailsolution/index.php/campaigns/zf252g8c9l0c4/track-url/nl9947q1do2f2/7cbf4bdc44696812f8cbbb942...
Effective URL:
https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Submission: On October 22 via api (October 22nd 2024, 12:05:30 pm UTC) from US — Scanned from US

Summary HTTP 102 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 22 IPs in 2 countries across 19 domains to perform 102 HTTP transactions. The main IP is 2606:4700:3033::6815:7de, located in United States and belongs to CLOUDFLARENET, US. The main domain is getalldayslimmingtea.com.
TLS certificate: Issued by WE1 on August 30th 2024. Valid for: 3 months.

This is the only time getalldayslimmingtea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	162.241.169.234 162.241.169.234	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1 1	91.197.243.143 91.197.243.143	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:303... 2606:4700:3033::6815:7de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	34.107.203.240 34.107.203.240	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2607:f8b0:400... 2607:f8b0:400d:c0c::5f	15169 (GOOGLE) (GOOGLE)
1	2400:52e0:1a0... 2400:52e0:1a00::1207:2	200325 (BUNNYCDN) (BUNNYCDN)
11	2400:52e0:1a0... 2400:52e0:1a00::1070:1	200325 (BUNNYCDN) (BUNNYCDN)
29	2607:f8b0:400... 2607:f8b0:400d:c00::84	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:38::15	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:400d:c0b::5e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:42fd	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:288d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:310... 2606:4700:3108::ac42:2b73	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a03:2880:f00... 2a03:2880:f003:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.202.21.90 35.202.21.90	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2001:4860:480... 2001:4860:4802:36::15	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700:303... 2606:4700:3036::ac43:be23	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700:303... 2606:4700:3032::6815:2713	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	35.192.151.63 35.192.151.63	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2600:1901:0:a... 2600:1901:0:a5e4::	15169 (GOOGLE) (GOOGLE)
20	2a03:2880:f10... 2a03:2880:f103:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
102	22

1 162.241.169.234 (United States) 1 redirects

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-169-234.unifiedlayer.com

emailaccelator.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.197.243.143 (None, ) 1 redirects

ASN16509 (AMAZON-02, US)

healthnews.mydailyhealthtips.shop	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::6815:7de (United States)

ASN13335 (CLOUDFLARENET, US)

getalldayslimmingtea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.203.240 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 240.203.107.34.bc.googleusercontent.com

static.leadpages.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.lpcontent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:400d:c0c::5f (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2400:52e0:1a00::1207:2 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

scripts.trackplay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2400:52e0:1a00::1070:1 (Chicago, United States)

ASN200325 (BUNNYCDN, SI)

media.trackplay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2607:f8b0:400d:c00::84 (Morganton, United States)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:38::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400d:c0b::5e (Morganton, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:42fd (United States)

ASN13335 (CLOUDFLARENET, US)

pixel.clickslogistics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:288d (United States)

ASN13335 (CLOUDFLARENET, US)

tracking.buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3108::ac42:2b73 (United States)

ASN13335 (CLOUDFLARENET, US)

buygoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f003:100:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.202.21.90 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 90.21.202.35.bc.googleusercontent.com

fitnessforwomen.lpages.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::15 (United States)

ASN15169 (GOOGLE, US)

js.center.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::ac43:be23 (United States)

ASN13335 (CLOUDFLARENET, US)

api-pixel.datadojo.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::6815:2713 (United States)

ASN13335 (CLOUDFLARENET, US)

e.trackplay.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.192.151.63 (United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 63.151.192.35.bc.googleusercontent.com

api.leadpages.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:a5e4:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

notify.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:2880:f103:181:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 47	159 KB
20	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	7 KB
20	trackplay.io scripts.trackplay.io media.trackplay.io e.trackplay.io	5 MB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	81 KB
5	gstatic.com fonts.gstatic.com	79 KB
4	leadpages.io api.leadpages.io — Cisco Umbrella Rank: 49366	2 KB
4	bugsnag.com sessions.bugsnag.com — Cisco Umbrella Rank: 923 notify.bugsnag.com — Cisco Umbrella Rank: 1744	192 B
2	buygoods.com tracking.buygoods.com — Cisco Umbrella Rank: 424911 buygoods.com — Cisco Umbrella Rank: 348768	2 KB
2	center.io js.center.io — Cisco Umbrella Rank: 58864	12 KB
2	leadpages.net static.leadpages.net — Cisco Umbrella Rank: 57714	29 KB
2	getalldayslimmingtea.com getalldayslimmingtea.com	91 KB
1	datadojo.ai api-pixel.datadojo.ai — Cisco Umbrella Rank: 298078	690 B
1	lpages.co fitnessforwomen.lpages.co
1	clickslogistics.com pixel.clickslogistics.com — Cisco Umbrella Rank: 333518	44 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 220	17 KB
1	lpcontent.net embed.lpcontent.net — Cisco Umbrella Rank: 66935	15 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
1	mydailyhealthtips.shop 1 redirects healthnews.mydailyhealthtips.shop	116 B
1	emailaccelator.shop 1 redirects emailaccelator.shop	255 B
102	19

	Domain	Requested by
29	lh3.googleusercontent.com	getalldayslimmingtea.com
20	www.facebook.com	getalldayslimmingtea.com
11	media.trackplay.io	getalldayslimmingtea.com scripts.trackplay.io
8	e.trackplay.io	scripts.trackplay.io
5	connect.facebook.net	getalldayslimmingtea.com connect.facebook.net
5	fonts.gstatic.com	fonts.googleapis.com
4	api.leadpages.io	js.center.io embed.lpcontent.net
2	notify.bugsnag.com	pixel.clickslogistics.com
2	sessions.bugsnag.com	pixel.clickslogistics.com
2	js.center.io	getalldayslimmingtea.com js.center.io
2	static.leadpages.net	getalldayslimmingtea.com
2	getalldayslimmingtea.com	getalldayslimmingtea.com
1	api-pixel.datadojo.ai	pixel.clickslogistics.com
1	fitnessforwomen.lpages.co	embed.lpcontent.net
1	buygoods.com	getalldayslimmingtea.com
1	tracking.buygoods.com	getalldayslimmingtea.com
1	pixel.clickslogistics.com	getalldayslimmingtea.com
1	cdnjs.cloudflare.com	getalldayslimmingtea.com
1	embed.lpcontent.net	getalldayslimmingtea.com
1	scripts.trackplay.io	getalldayslimmingtea.com
1	fonts.googleapis.com	getalldayslimmingtea.com
1	healthnews.mydailyhealthtips.shop	1 redirects
1	emailaccelator.shop	1 redirects
102	23

This site contains links to these domains. Also see Links.

Domain
buygoods.com

Subject Issuer	Validity	Valid
getalldayslimmingtea.com WE1	`2024-08-30` - `2024-11-28`	3 months	crt.sh
static.leadpages.net WR3	`2024-09-30` - `2024-12-29`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
scripts.trackplay.io R10	`2024-09-27` - `2024-12-26`	3 months	crt.sh
media.trackplay.io R11	`2024-09-21` - `2024-12-20`	3 months	crt.sh
*.googleusercontent.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
embed.lpcontent.net WR3	`2024-09-18` - `2024-12-17`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
js.center.io WR3	`2024-10-16` - `2025-01-14`	3 months	crt.sh
*.gstatic.com WR2	`2024-09-30` - `2024-12-23`	3 months	crt.sh
clickslogistics.com WE1	`2024-08-29` - `2024-11-27`	3 months	crt.sh
buygoods.com WE1	`2024-08-25` - `2024-11-23`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.lpages.co E6	`2024-08-08` - `2024-11-06`	3 months	crt.sh
*.bugsnag.com DigiCert TLS RSA SHA256 2020 CA1	`2024-03-20` - `2025-04-15`	a year	crt.sh
datadojo.ai WE1	`2024-09-19` - `2024-12-18`	3 months	crt.sh
trackplay.io WE1	`2024-10-21` - `2025-01-19`	3 months	crt.sh
*.leadpages.io E5	`2024-08-08` - `2024-11-06`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Frame ID: A17093985A44E6D668A7FE1BD13A7B06
Requests: 94 HTTP requests in this frame

Frame: https://buygoods.com/affiliates/go/conversion/iframe/bg?a=7366&t=f8d55751315572f0300a301851463e5f&conversion=1&s=&o=null&ut=null
Frame ID: B1563CEABFD98BD709ECAA8EF98260CF
Requests: 1 HTTP requests in this frame

Frame: https://fitnessforwomen.lpages.co/serve-leadbox/QGjX6dk2ihZTtNYRBNVSoG/?aff_id=26143&subid=herbalnwx7
Frame ID: 87CEA474DB62210C37B7933FE01771EF
Requests: 1 HTTP requests in this frame

Frame: https://js.center.io/identify.html
Frame ID: 9DC1F2719BAFB76B44F54DFA60180FE4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Long-Forgotten Costa Rican Tradition Helped Me Melt 167Lbs

Page URL History Show full URLs

https://emailaccelator.shop/mailsolution/index.php/campaigns/zf252g8c9l0c4/track-url/nl9947q1do2f2/7cbf4... HTTP 301
https://healthnews.mydailyhealthtips.shop/YNCycI HTTP 302
https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7 Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Page Statistics

102
Requests

99 %
HTTPS

78 %
IPv6

19
Domains

23
Subdomains

22
IPs

2
Countries

6017 kB
Transfer

7203 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid20241022120516493&aff_id=26143&sid=herbalnwx7&account_id=7366&product_codename=6mon&redirect=aHR0cHM6Ly9nZXRhbGxkYXlzbGltbWluZ3RlYS5jb20vdXBzZWxsLTE=

Search URL Search Domain Scan URL

URL: https://buygoods.com/secure/checkout.html?sessid2=sessid20241022120516493&aff_id=26143&sid=herbalnwx7&account_id=7366&product_codename=3mon&redirect=aHR0cHM6Ly9nZXRhbGxkYXlzbGltbWluZ3RlYS5jb20vdXBzZWxsLTE=

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://emailaccelator.shop/mailsolution/index.php/campaigns/zf252g8c9l0c4/track-url/nl9947q1do2f2/7cbf4bdc44696812f8cbbb9425d4873b72c49fcb HTTP 301
https://healthnews.mydailyhealthtips.shop/YNCycI HTTP 302
https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

102 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request start Show response
getalldayslimmingtea.com/
Redirect Chain

https://emailaccelator.shop/mailsolution/index.php/campaigns/zf252g8c9l0c4/track-url/nl9947q1do2f2/7cbf4bdc44696812f8cbbb9425d4873b72c49fcb
https://healthnews.mydailyhealthtips.shop/YNCycI
https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

313 KB
45 KB

756ms
607ms

Document
text/html

2606:4700:3033::6815:7de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ab3afa442f542c5fb642d18baf8d2abd8bcc4ed438ba634e930f30fdb9b6644

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8d695aec8cce3354-EWR
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 12:05:22 GMT
expires: Tue, 22 Oct 2024 12:05:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1f4P3150oKGHg%2FN4XSaZ2iWj0ZTIuWZp8larqCog8TP1kQbfIrud4kK0n%2BFARoNKGmXbXp0PAwMxbBHPGmagObOIiAjmqEmXcEjM3qYOAbvQXxnI2DoOdRxCmg7xC6swU8L4a6hzTZs8MRzV2t2Xo9I7dKSUOmQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=10121&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4215&recv_bytes=4509&delivery_rate=812&cwnd=12000&unsent_bytes=0&cid=8507547b4e6706b8&ts=643&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding,User-Agent

Redirect headers

content-length: 0
date: Tue, 22 Oct 2024 12:05:21 GMT
location: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
x-powered-by: Short.io/Edge

GET
H2 200 all.min.css
static.leadpages.net/fonts/font-awesome/6.4.2/css/ 100 KB
26 KB 75ms
13ms Stylesheet
text/css 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/fonts/font-awesome/6.4.2/css/all.min.css
Requested by: Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

cache-control: public, max-age=31536000
content-encoding: gzip
etag: "wz5sMw"
age: 1026880
via: 1.1 google
expires: Fri, 10 Oct 2025 14:50:42 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26836
date: Thu, 10 Oct 2024 14:50:42 GMT
x-cloud-trace-context: 11c8d18958cbfdf49ef5ba10eaabba97;o=1
content-type: text/css
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 87ms
33ms Stylesheet
text/css 2607:f8b0:400d:c0c::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Poppins:300,400,500,700|Roboto:300,400,500,700

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c0c::5f Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

62e877a3e6349237529d1ef5b342eb5607420b3d2aac520c008dd2546cd111f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Tue, 22 Oct 2024 12:05:22 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 12:05:22 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Tue, 22 Oct 2024 12:05:22 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js Show response
scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/ 449 KB
136 KB 283ms
40ms Script
application/javascript 2400:52e0:1a00::1207:2
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Requested by: Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1207:2 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1207 /
Resource Hash: 94239bf050be2c39e239e82ec2700502707ef1b7b36757a18aba756985070940

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
content-encoding: br
etag: "669650c1-702f2"
cdn-fileserver: 749
date: Tue, 22 Oct 2024 12:05:22 GMT
cdn-storageserver: NY-427
last-modified: Tue, 16 Jul 2024 10:51:45 GMT
content-type: application/javascript
vary: Accept-Encoding
cdn-cache: HIT
cdn-requestpullcode: 200
cdn-cachedat: 09/26/2024 11:58:55
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: 3e5a46c79ac954b832bd1b90f15ba428
cdn-pullzone: 2308794
cdn-proxyver: 1.04
cdn-edgestorageid: 894
server: BunnyCDN-IL1-1207
cdn-requestcountrycode: US

GET
H2 200 thumbnail.jpg
media.trackplay.io/af2597e0-199f-4ed7-9c36-a814bcbba5e9/ 53 KB
53 KB 206ms
70ms Image
image/jpeg 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.trackplay.io/af2597e0-199f-4ed7-9c36-a814bcbba5e9/thumbnail.jpg
Requested by: Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: ef00d758ed61a7ebb29e4032e0b066da95606c12d30e7530ee4ff779d51026b3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 833
date: Tue, 22 Oct 2024 12:05:22 GMT
cdn-storageserver: NY-268
content-type: image/jpeg
last-modified: Sun, 14 Jul 2024 12:34:13 GMT
cdn-cachedat: 10/16/2024 02:21:09
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: 858869db88f8c52220130108ce808dc4
cdn-pullzone: 2161927
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 53765
cdn-edgestorageid: 940
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H2 200 thumbnail.jpg
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/ 66 KB
67 KB 279ms
37ms Image
image/jpeg 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/thumbnail.jpg
Requested by: Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 0cc006eb54e79e4a2a2af8f816f08a006dc697a1429df1ac9a61aa5e86107886

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 837
date: Tue, 22 Oct 2024 12:05:22 GMT
cdn-storageserver: NY-427
content-type: image/jpeg
last-modified: Sun, 14 Jul 2024 12:34:25 GMT
cdn-cachedat: 10/03/2024 00:48:55
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 1
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: 3f1869259359ec5db05a9ba9f288e63b
cdn-pullzone: 2161927
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 67526
cdn-edgestorageid: 1070
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H2 200 Cx19H69o_i8IOc4PpCBHDnN07Vrth0rtdaU01Zc11EsKVx04siaYzNONcWVv_5Nrixrl7shf84arOx54Ff0cQpfiJOslCIH40g=s0
lh3.googleusercontent.com/ 29 KB
29 KB 122ms
32ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Cx19H69o_i8IOc4PpCBHDnN07Vrth0rtdaU01Zc11EsKVx04siaYzNONcWVv_5Nrixrl7shf84arOx54Ff0cQpfiJOslCIH40g=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

56135ed4bfbd0655dcd339cf9cf102f5f3783c17be75e66ca5759af5bfdb9298

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 29589
x-xss-protection: 0
server: fife

GET
H2 200 m437UYrB7QfEfocpS9uhgTu3oo_y55m6ZZiesm5V03EZjxmHNXYfmXzwmIUCugk1NzkLTrJOhmIX53UzC4fA-bvefKpdTvfbWsY=w16
lh3.googleusercontent.com/ 410 B
504 B 55ms
25ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/m437UYrB7QfEfocpS9uhgTu3oo_y55m6ZZiesm5V03EZjxmHNXYfmXzwmIUCugk1NzkLTrJOhmIX53UzC4fA-bvefKpdTvfbWsY=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

4b294a55d42a412690216907901164cccaa05c17c999452b6041a413d4fa66f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 410
x-xss-protection: 0
server: fife

GET
H2 200 pL7QLbhZxHWFE7tY9ztytTbCsbOXwMSavZM4PiJmWiF1_YacvEvICyUlZ8is7un_XZ1NQoznI7Wa2ykuqqDDyMMbO6iTN7Er8mY=s0
lh3.googleusercontent.com/ 10 KB
11 KB 54ms
25ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pL7QLbhZxHWFE7tY9ztytTbCsbOXwMSavZM4PiJmWiF1_YacvEvICyUlZ8is7un_XZ1NQoznI7Wa2ykuqqDDyMMbO6iTN7Er8mY=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

32fd068cac2e898f8f171810fc3017571ec5968fdcdf2991f9b286c648c5ef65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10725
x-xss-protection: 0
server: fife

GET
H2 200 SIh9RMuR9y-uj37Rj34a00RRTXzvuEZWQ_WUmUXC8lY0KVHgW6W7_OI24YHPj3CBQYGatx-QW8fMX29yO8SMVmYh-aQsLlLK5SA=s0
lh3.googleusercontent.com/ 9 KB
9 KB 54ms
26ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/SIh9RMuR9y-uj37Rj34a00RRTXzvuEZWQ_WUmUXC8lY0KVHgW6W7_OI24YHPj3CBQYGatx-QW8fMX29yO8SMVmYh-aQsLlLK5SA=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

15f2cc40d24744c7ffa4fa25104648886d49757c15472b3c680eaa4983454e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 8760
x-xss-protection: 0
server: fife

GET
H2 200 Mbw_7sWFnJIBOuHfb8xBUuho0FbYNZpvtsudWr-G_yBS0kJxS-qcUEGa_Vq1klwsVSys6-sP2U9tgDjM5yPQx-OTwn4xmydI1vE=w16
lh3.googleusercontent.com/ 666 B
729 B 54ms
26ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Mbw_7sWFnJIBOuHfb8xBUuho0FbYNZpvtsudWr-G_yBS0kJxS-qcUEGa_Vq1klwsVSys6-sP2U9tgDjM5yPQx-OTwn4xmydI1vE=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c851e5130fd9f546b6b1b6a9184fd68fead99dbbe4e97283303a11d7a5802b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 666
x-xss-protection: 0
server: fife

GET
H2 200 wVNgWUIEX6pSl0F4uskGHA-EBdR0t-ZLhs5jzCoWUTdHXfKPgGSxiEh3XX1NH2oWZWm93QtMEA80Vzu0UyqlXxuyuRGgOpP2JQ=s0
lh3.googleusercontent.com/ 4 KB
4 KB 50ms
23ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/wVNgWUIEX6pSl0F4uskGHA-EBdR0t-ZLhs5jzCoWUTdHXfKPgGSxiEh3XX1NH2oWZWm93QtMEA80Vzu0UyqlXxuyuRGgOpP2JQ=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

b5d5cf5c37a9158205dc0651570590eb7b6334ea48c603e5793b2f0e3001ddb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 4090
x-xss-protection: 0
server: fife

GET
H2 200 6TesmQij9z7w9DTwMADJIdxxtWQMys47psSxugKJuwUKfwrK_zI-yHx_tCHNNLsAnKIQzKlwwaWzHWA16hJ2078iwvvKoMo1cw=s0
lh3.googleusercontent.com/ 4 KB
4 KB 51ms
24ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/6TesmQij9z7w9DTwMADJIdxxtWQMys47psSxugKJuwUKfwrK_zI-yHx_tCHNNLsAnKIQzKlwwaWzHWA16hJ2078iwvvKoMo1cw=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e94a706682636396ec4f9a4e73085a4864aced01eff618ce30e63c21edb6eab4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 4474
x-xss-protection: 0
server: fife

GET
H2 200 -pmGFEX9E-HOr59gU-IW908h5vtb8nDRQ1zl0Kuj4xqjz2-I1wSO2X37x-Hqy9rakyezentLnaQURHX8Yxy9wRvF8EA9KMn4Ae25=w16
lh3.googleusercontent.com/ 388 B
451 B 50ms
24ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/-pmGFEX9E-HOr59gU-IW908h5vtb8nDRQ1zl0Kuj4xqjz2-I1wSO2X37x-Hqy9rakyezentLnaQURHX8Yxy9wRvF8EA9KMn4Ae25=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

082a4c31a794f52c5d1c716d9fa53ec047ebf0c754cb17552956c27cb1f98905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 388
x-xss-protection: 0
server: fife

GET
H2 200 Y6CXi-tC894w43kcxxq9CEuHlAmPS9IasKu7_iV31lpb2YmU-cevJLYGrbB44DuI1csS9Li3UKyG4qNR0OU-BhlxHC1oEoyesgE=s0
lh3.googleusercontent.com/ 12 KB
12 KB 82ms
47ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Y6CXi-tC894w43kcxxq9CEuHlAmPS9IasKu7_iV31lpb2YmU-cevJLYGrbB44DuI1csS9Li3UKyG4qNR0OU-BhlxHC1oEoyesgE=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

49cdda2a82f71b562489b78a4f5e69080e89cf2aa7479cd5444e7d50011b5c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 12106
x-xss-protection: 0
server: fife

GET
H2 200 vA2ZfZTLiiQezY40DuZrQDSh3R6jqGeaZSBnar2eYmRaEiXUIIUNObhdDQlEgT8oaFkRxqVXfobeNaYpW70A5afYjbmdmzQ55LM=w16
lh3.googleusercontent.com/ 403 B
466 B 82ms
48ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/vA2ZfZTLiiQezY40DuZrQDSh3R6jqGeaZSBnar2eYmRaEiXUIIUNObhdDQlEgT8oaFkRxqVXfobeNaYpW70A5afYjbmdmzQ55LM=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2998bfa97714fb4ec5345749864e23baefdf466d5eeeaf8e724245249c06859e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 403
x-xss-protection: 0
server: fife

GET
H2 200 avY2KNHwj3etHoi-jWobZaD7TEx0JSs7KKFiA89MYSgo4NeDEqdf93vDmiQT0KxzRVZ9lB7Zvm9Et-nKXrRwzKo50E-SFBOhne0=w16
lh3.googleusercontent.com/ 525 B
588 B 81ms
47ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/avY2KNHwj3etHoi-jWobZaD7TEx0JSs7KKFiA89MYSgo4NeDEqdf93vDmiQT0KxzRVZ9lB7Zvm9Et-nKXrRwzKo50E-SFBOhne0=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0fc3b30d4aa9c1a379b4bc8362efb5776360c7fe5ea4920ea30a55489d94c9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 525
x-xss-protection: 0
server: fife

GET
H2 200 fK72TVhqVT7xTyA4eKulOC7mdtkUHbZsP1xLCEpTmEO9TYukhob-mth8JyE6Udg8VG_L4x6tAG0dagdaS5ZudRkduUiEuf6p9nh8=w16
lh3.googleusercontent.com/ 500 B
562 B 83ms
49ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/fK72TVhqVT7xTyA4eKulOC7mdtkUHbZsP1xLCEpTmEO9TYukhob-mth8JyE6Udg8VG_L4x6tAG0dagdaS5ZudRkduUiEuf6p9nh8=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

fa17c07b381901ab4f6376f0caec7b3459ed28fe5599a3b8306030f4351abe13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 500
x-xss-protection: 0
server: fife

GET
H2 200 TKECVAMjWQD00vEMBW4XxgkYSKRIGtKqbWBBW4FibVV8zXeeoAEDstkqAhH3T8S5w855D07V5CrmMCrCt0LtM_c2uT_LJKqH2A=w16
lh3.googleusercontent.com/ 498 B
561 B 84ms
50ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/TKECVAMjWQD00vEMBW4XxgkYSKRIGtKqbWBBW4FibVV8zXeeoAEDstkqAhH3T8S5w855D07V5CrmMCrCt0LtM_c2uT_LJKqH2A=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e418c7f2dc09a6d4a9579afb0b8fb1c44492fed06fb71d8fb334a3ddd067636f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 498
x-xss-protection: 0
server: fife

GET
H2 200 D2aCsE5lDeWtdvbqv6wUBmbRORdsa9k0_HoxuBANgkAxeBNqHY44ZEmp4ayS17ynakggbsVcfkcM20p3rNa5T3GFAT1GFboSHUmh=w16
lh3.googleusercontent.com/ 966 B
1 KB 76ms
43ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/D2aCsE5lDeWtdvbqv6wUBmbRORdsa9k0_HoxuBANgkAxeBNqHY44ZEmp4ayS17ynakggbsVcfkcM20p3rNa5T3GFAT1GFboSHUmh=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1d3c69200c0e585c4e4ae0839689c10b303a31496a267d2d87de775e44c52f41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 966
x-xss-protection: 0
server: fife

GET
H2 200 8S5Hmf1LgDTmvldAXgzd1OagPaapIkn3pH2MESKXTmk8OClq3PyXddTvQtSEks6cpqvtzGCl7cCG2blw4u64FxktzkL1TZ0euds=w16
lh3.googleusercontent.com/ 365 B
428 B 72ms
41ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/8S5Hmf1LgDTmvldAXgzd1OagPaapIkn3pH2MESKXTmk8OClq3PyXddTvQtSEks6cpqvtzGCl7cCG2blw4u64FxktzkL1TZ0euds=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

e2d86bb8e20bd418135f141d753dff03c8036423ebdf256770789361d48e2128

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 365
x-xss-protection: 0
server: fife

GET
H2 200 zCv7gAHDfxau_9Q69sJ1oPPAs8-XWpTvjoq449AuIINiWRJ2gd8Yux7lOX3FaSvxvTx45Z6C_CZDR3oiSQne_fxDRyHWanJxLbQ=w16
lh3.googleusercontent.com/ 3 KB
4 KB 72ms
41ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/zCv7gAHDfxau_9Q69sJ1oPPAs8-XWpTvjoq449AuIINiWRJ2gd8Yux7lOX3FaSvxvTx45Z6C_CZDR3oiSQne_fxDRyHWanJxLbQ=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

14644cde2b4cfe885b8e0e4eacc115cfcd054ba6d5582af4a1fe4bd952fc16b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3549
x-xss-protection: 0
server: fife

GET
H2 200 bJkZBjVzCr6HyKH0xgNXPZ_zl8OQrZ1ISsRxJyaU6zTESOpEQPxE7w1_pSVQl0uz0aATLOnLBYOOJkguEXaOFrURDt-XQXxeny-9=w16
lh3.googleusercontent.com/ 502 B
564 B 79ms
48ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/bJkZBjVzCr6HyKH0xgNXPZ_zl8OQrZ1ISsRxJyaU6zTESOpEQPxE7w1_pSVQl0uz0aATLOnLBYOOJkguEXaOFrURDt-XQXxeny-9=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

41ba9c4e932e024a0c1a1828bcfd8d0b9ef01b0e1be54f82523f32cfdc2bb1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 502
x-xss-protection: 0
server: fife

GET
H2 200 JIwaiZ-4-TPkXeuSAFJ05KQY9u5APEmWJTRHCrhrFnKw6loW813-4SbLnKmIWreYPO63ATYGin6olOceaCNWzZBn5SFAuWJF9BQ=w16
lh3.googleusercontent.com/ 4 KB
4 KB 74ms
44ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/JIwaiZ-4-TPkXeuSAFJ05KQY9u5APEmWJTRHCrhrFnKw6loW813-4SbLnKmIWreYPO63ATYGin6olOceaCNWzZBn5SFAuWJF9BQ=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

30c42386a99e882f1d702375d8d83b332d1b53c4b72492ec591f3ffe850bbb7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3600
x-xss-protection: 0
server: fife

GET
H2 200 p1AH7-xpG2dQ_lRBtO3XSiqd-OUlM5oSERHlNQmt0C3l6JAPG28W972ZN89V2pAtRC7XhhO7T-wSEa80EIKFFtEoxGw4R21VaRXv=s0
lh3.googleusercontent.com/ 4 KB
4 KB 80ms
50ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/p1AH7-xpG2dQ_lRBtO3XSiqd-OUlM5oSERHlNQmt0C3l6JAPG28W972ZN89V2pAtRC7XhhO7T-wSEa80EIKFFtEoxGw4R21VaRXv=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

ae812326d12cc93f1c9b9b39f05573ed58f7b105a1ee006a6d8f1e2c3f911b66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 4355
x-xss-protection: 0
server: fife

GET
H2 200 QKSkdlxZYRgM6o30GFBnAv10j6_2PzlIapkJy2tZROMqVGVTP07NDYVisYof8UammXHDOujuxP6ZNwrqcY-NoPCAFMRNds6ixxE=w16
lh3.googleusercontent.com/ 4 KB
4 KB 74ms
45ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/QKSkdlxZYRgM6o30GFBnAv10j6_2PzlIapkJy2tZROMqVGVTP07NDYVisYof8UammXHDOujuxP6ZNwrqcY-NoPCAFMRNds6ixxE=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0931062415f74d92275522b4c1a8c5bf87ca9db084e219df50386fe3b92c494a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3601
x-xss-protection: 0
server: fife

GET
H2 200 cBfTAnTBbM2RL2IYy4rBmFrsGh2T1CbRZJPocgzTxTaAnTqATLG01cnSC-PZaKGklJHYpz9ahnl9muVY2oFeYovckiLiz2ppX1Y=s0
lh3.googleusercontent.com/ 706 B
769 B 69ms
40ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/cBfTAnTBbM2RL2IYy4rBmFrsGh2T1CbRZJPocgzTxTaAnTqATLG01cnSC-PZaKGklJHYpz9ahnl9muVY2oFeYovckiLiz2ppX1Y=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

3ad280764026187561b0bf951894e0f818901b58745064c956ffead1227ba3d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 706
x-xss-protection: 0
server: fife

GET
H2 200 MYXzhJNCuCFWKu8PNoGPJuLCXhRLMPOdq7Ofp2pwM45h0wHb5Se8cLEpdBZW5cqlAIvAviTv0U4LTO_oNpx-dclxHQU2hsOb7uQ=w16
lh3.googleusercontent.com/ 4 KB
4 KB 77ms
48ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/MYXzhJNCuCFWKu8PNoGPJuLCXhRLMPOdq7Ofp2pwM45h0wHb5Se8cLEpdBZW5cqlAIvAviTv0U4LTO_oNpx-dclxHQU2hsOb7uQ=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

bbcaeca815d451dde72f4760e36671e7a2bf42dd4cc88ec3d968886ff4e0a2d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3589
x-xss-protection: 0
server: fife

GET
H2 200 PY2PeSUYx2yVKPbVt4yfgI-Mo3ML1iolbYktWnJ60AbOwjxYDhSV1djowIHuF0ZaWRY8itXP4GYURQ6XspP8UfIb7o6utsIqYw=w16
lh3.googleusercontent.com/ 4 KB
4 KB 70ms
42ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/PY2PeSUYx2yVKPbVt4yfgI-Mo3ML1iolbYktWnJ60AbOwjxYDhSV1djowIHuF0ZaWRY8itXP4GYURQ6XspP8UfIb7o6utsIqYw=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

365708e81e4786ca59e61ac371e936b63334308efccb3f9cb6b967b426e53f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3593
x-xss-protection: 0
server: fife

GET
H2 200 XybUhfZBvLZ0nwgKHiaSkJoYLJ9QBzeLFE8UasbvO2JvY2zBmsQtVuMsfS8w36lCc0Ji-flzrt4UTbNyShyoofbMugq05xhCzA=w16
lh3.googleusercontent.com/ 4 KB
4 KB 71ms
43ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/XybUhfZBvLZ0nwgKHiaSkJoYLJ9QBzeLFE8UasbvO2JvY2zBmsQtVuMsfS8w36lCc0Ji-flzrt4UTbNyShyoofbMugq05xhCzA=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6752677deb8496e0caf2f747d5fa7ecf04f266fbb76778b79cf3696937f27935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3592
x-xss-protection: 0
server: fife

GET
H2 200 1X3BQoVN_KwHQyXZB1C6HJP9LiJnWLQbNUfoHLKfdHt4_uZaLDVdV9pdXGkMuEDBP6BLAeUuGCxIe45h4fJBdjDFgu5mDqGUPxI=w16
lh3.googleusercontent.com/ 3 KB
4 KB 77ms
49ms Image
image/jpeg 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/1X3BQoVN_KwHQyXZB1C6HJP9LiJnWLQbNUfoHLKfdHt4_uZaLDVdV9pdXGkMuEDBP6BLAeUuGCxIe45h4fJBdjDFgu5mDqGUPxI=w16

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

37ce391cc50c2cd81db3e1b29696ae13ad3c5bd6e156db15518b4b260bed0950

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 3572
x-xss-protection: 0
server: fife

GET
H2 200 g9P-nsj6043iR9VXIVtxg_2IQ80j4KavQqIypCq1oCqW1a9nsntpKYBvk-4JzUg70esay-JlEnoCACgULIGIUKRchp3T21Xfodg=s0
lh3.googleusercontent.com/ 3 KB
3 KB 67ms
40ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/g9P-nsj6043iR9VXIVtxg_2IQ80j4KavQqIypCq1oCqW1a9nsntpKYBvk-4JzUg70esay-JlEnoCACgULIGIUKRchp3T21Xfodg=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

efd6eca40480ec8012a46a12581f30ec5f80592d1a94cb043b7956423cd2e842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 2662
x-xss-protection: 0
server: fife

GET
H2 200 yq0qjzomSQ8famWw61mzrsq0_drqvJso6LA_PnPEd0PAB1TNbTPTAPTKkBI0mVGiCuQMkdRsceP6UiilXbXX-U8AYRo2SmAx6Q=s0
lh3.googleusercontent.com/ 7 KB
7 KB 72ms
45ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/yq0qjzomSQ8famWw61mzrsq0_drqvJso6LA_PnPEd0PAB1TNbTPTAPTKkBI0mVGiCuQMkdRsceP6UiilXbXX-U8AYRo2SmAx6Q=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

986f09cb1717226f1d380626a902f700d373b4ca78b491cb43d3e7246297f7ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 6930
x-xss-protection: 0
server: fife

GET
H2 200 WpfcfUTyNuvl6yG15Ci3OgYXwLzyoMeTSRnEC6BG_5FVOenf54UGwxCXd6hXShr0r55pwjPFjwen4_wewVWMmMS9zmvdDuuLeA=s0
lh3.googleusercontent.com/ 14 KB
14 KB 86ms
59ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/WpfcfUTyNuvl6yG15Ci3OgYXwLzyoMeTSRnEC6BG_5FVOenf54UGwxCXd6hXShr0r55pwjPFjwen4_wewVWMmMS9zmvdDuuLeA=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

c927eaffaf8c6af3b9014a859b9c94e31baca362d3f9e44de991944cdbf7d61c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14091
x-xss-protection: 0
server: fife

GET
H2 200 _CasnNVpTEcNYe8e_yjQu6vcbYJ1MTikEW_B_MEsCGKEfw5yyuZc9y8MKdTgZcnKk8xiO9-DxN1lnNnIoeiBP9y82HKVxIn2imOT=s0
lh3.googleusercontent.com/ 32 KB
32 KB 88ms
62ms Image
image/png 2607:f8b0:400d:c00::84
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/_CasnNVpTEcNYe8e_yjQu6vcbYJ1MTikEW_B_MEsCGKEfw5yyuZc9y8MKdTgZcnKk8xiO9-DxN1lnNnIoeiBP9y82HKVxIn2imOT=s0

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:400d:c00::84 Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

1e6868d195b280ddfce069c2efa9d6c4bc343f25de83c415f90bf5f61dc94634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

access-control-expose-headers: Content-Length
etag: "v1"
age: 10085
x-content-type-options: nosniff
expires: Wed, 23 Oct 2024 09:17:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 09:17:17 GMT
content-disposition: inline;filename="unnamed.png"
content-type: image/png
vary: Origin
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
access-control-allow-origin: *
content-length: 32309
x-xss-protection: 0
server: fife

GET
H2 200 embed.js Show response
embed.lpcontent.net/leadboxes/current/ 42 KB
15 KB 116ms
10ms Script
application/javascript 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Requested by: Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cache-control: public, max-age=300
content-encoding: gzip
etag: "U0Ffwg"
age: 256
via: 1.1 google
expires: Tue, 22 Oct 2024 12:06:06 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14811
date: Tue, 22 Oct 2024 12:01:06 GMT
x-cloud-trace-context: ca312bd065d300cbbfbea180168504a8
content-type: application/javascript
server: Google Frontend
vary: Accept-Encoding

GET
H3 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/ 57 KB
17 KB 84ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.26.0/moment.min.js

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "5ec4d334-e5ee"
age: 1086915
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=veb%2BwZ7R4D7T42b1XI81Wai1uBira%2FXvUcTXNQYtCxO7D9oL3AGF8sM4n0JA2l0hWeIr9EBjtNU3X7HTOMnC%2Byvbnn9S3G1KEWHAUYopiqlFFWvdBxV8DKPTjM6psQOIhpG3I3NSxsDBmfedw4hLHm3k"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Sun, 12 Oct 2025 12:05:22 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:22 GMT
content-type: application/javascript; charset=utf-8
last-modified: Wed, 20 May 2020 06:50:28 GMT
vary: Accept-Encoding
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8d695af17b95c466-EWR
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16963
server: cloudflare

GET
H2 200 center.js Show response
js.center.io/ 12 KB
12 KB 150ms
26ms Script
application/javascript 2001:4860:4802:38::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/center.js
Requested by: Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cache-control: public, max-age=300
etag: "OMWYXg"
age: 64
expires: Tue, 22 Oct 2024 12:09:18 GMT
content-length: 12555
date: Tue, 22 Oct 2024 12:04:18 GMT
x-cloud-trace-context: 82caa2e89f087a2c2e8e63d2be2edf31
content-type: application/javascript
server: Google Frontend

GET
H3 200 pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 111ms
43ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Poppins:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://getalldayslimmingtea.com
Referer: https://fonts.googleapis.com/

Response headers

age: 237
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 22 Oct 2025 12:01:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 22 Oct 2024 12:01:25 GMT
last-modified: Fri, 22 Mar 2024 00:00:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7816
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 113ms
47ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Poppins:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://getalldayslimmingtea.com
Referer: https://fonts.googleapis.com/

Response headers

age: 559096
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 00:47:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 00:47:06 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 93ms
28ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Poppins:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://getalldayslimmingtea.com
Referer: https://fonts.googleapis.com/

Response headers

age: 559117
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 00:46:45 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 00:46:45 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 8 KB
8 KB 92ms
28ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Poppins:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://getalldayslimmingtea.com
Referer: https://fonts.googleapis.com/

Response headers

age: 559116
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 16 Oct 2025 00:46:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 16 Oct 2024 00:46:46 GMT
last-modified: Fri, 22 Mar 2024 00:00:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 7884
x-xss-protection: 0
server: sffe

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v32/ 18 KB
18 KB 98ms
33ms Font
font/woff2 2607:f8b0:400d:c0b::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:300,400,500,700|Poppins:300,400,500,700|Roboto:300,400,500,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:400d:c0b::5e Morganton, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://getalldayslimmingtea.com
Referer: https://fonts.googleapis.com/

Response headers

age: 567108
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Wed, 15 Oct 2025 22:33:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 15 Oct 2024 22:33:34 GMT
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 18536
x-xss-protection: 0
server: sffe

GET
H3 200 load.js Show response
pixel.clickslogistics.com/ 165 KB
44 KB 122ms
30ms Script
application/javascript 2606:4700:3033::6815:42fd
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.clickslogistics.com/load.js?id=668316e029a690b5ac3df99a
Requested by: Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:42fd , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3bdbf857bb1acdf48b0076a1b703142859a44bf5615f53efb914b18d23d20254

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"load.c5230890a5.js"
age: 130945
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ALk0NkuZ%2Fgb4BkeY5yb77rBnzE3fLu0OW8yCvxp4n5JcUq5Q9rbbSOHms7HzrUzpuz%2BrtA%2F4V3K0TNZUUosyKDkibEup1nIFtUPlH7o%2FUJ3UQ63g1zsM8O8%2BJg6hOanIx5wVnGUvKxSWdSmcQw%2B1Dt3RJJqT1%2Byq"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d695af21ecdde99-EWR
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9576&sent=14&recv=10&lost=0&retrans=0&sent_bytes=4251&recv_bytes=4344&delivery_rate=46829&cwnd=12000&unsent_bytes=0&cid=51d398fa7d139931&ts=42&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 12:05:22 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: cloudflare
priority: u=3,i=?0

GET
H3 200 / Show response
tracking.buygoods.com/track/ 7 KB
2 KB 139ms
68ms Script
application/javascript 2606:4700:3108::ac42:288d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://tracking.buygoods.com/track/?a=7366&firstcookie=0&tracking_redirect=&referrer=&sessid2=&product=sample,3mon,6mon,3monu&vid1=&vid2=&vid3=&caller_url=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:288d , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b83df39b4af22746878b487773a81f4584e48579954a6b7dd2f9995078e822c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: gzip
cf-cache-status: DYNAMIC
expires: Tue, Jan 12 1999 01:01:01 GMT
alt-svc: h3=":443"; ma=86400
p3p: CP="CAO COR CURa ADMa DEVa OUR IND ONL COM DEM PRE"
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
x-server: WEB_6
strict-transport-security: max-age=15552000; includeSubDomains
cache-control: no-cache, must-revalidate
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 8d695af299ee43f2-EWR
access-control-allow-origin: *
server: cloudflare

GET
H3 200 bg
buygoods.com/affiliates/go/conversion/iframe/ Frame B156 0
0 199ms
125ms Document
text/html 2606:4700:3108::ac42:2b73
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buygoods.com/affiliates/go/conversion/iframe/bg?a=7366&t=f8d55751315572f0300a301851463e5f&conversion=1&s=&o=null&ut=null

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3108::ac42:2b73 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

Referer: https://getalldayslimmingtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d695af2af03c35e-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 22 Oct 2024 12:05:23 GMT
server: cloudflare
server-timing: cfCacheStatus;desc="DYNAMIC"
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-server: WEB_2

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 227 KB
58 KB 54ms
17ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:22 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4462, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: 9mcoUpL6l+a6gwxQuDXw+xVn4268hfVXVD9n8FqUo2I9a2Qvnl0WXtBrHYd7CIWh0DLHPE3NC7msC+sRmyBU6w==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59352
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
fitnessforwomen.lpages.co/serve-leadbox/QGjX6dk2ihZTtNYRBNVSoG/ Frame 87CE 0
0 249ms
90ms Document
text/html 35.202.21.90
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://fitnessforwomen.lpages.co/serve-leadbox/QGjX6dk2ihZTtNYRBNVSoG/?aff_id=26143&subid=herbalnwx7

Requested by

Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

35.202.21.90 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

90.21.202.35.bc.googleusercontent.com

Software

Leadpages /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://getalldayslimmingtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control: no-cache
content-encoding: br
content-type: text/html
date: Tue, 22 Oct 2024 12:05:23 GMT
etag: W/"9918ae179c215b54896fdef1f4c8c17c"
last-modified: Mon, 12 Aug 2024 19:36:47 GMT
server: Leadpages
strict-transport-security: max-age=15768000
vary: Accept-Encoding
x-cache: MISS, HIT

GET
H2 200 identify.html
js.center.io/ Frame 9DC1 0
0 72ms
25ms Document
text/html 2001:4860:4802:36::15
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.center.io/identify.html
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::15 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend /
Resource Hash

Request headers

Referer: https://getalldayslimmingtea.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

age: 209
cache-control: public, max-age=300
content-encoding: gzip
content-length: 2016
content-type: text/html
date: Tue, 22 Oct 2024 12:01:54 GMT
etag: "OMWYXg"
expires: Tue, 22 Oct 2024 12:06:54 GMT
server: Google Frontend
x-cloud-trace-context: 61ec683f531ea7c4066e654cd21122e4

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 142ms
99ms Preflight 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://getalldayslimmingtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
via: 1.1 google

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
88 B 76ms
71ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: pixel.clickslogistics.com
URL: https://pixel.clickslogistics.com/load.js?id=668316e029a690b5ac3df99a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Bugsnag-Api-Key: a079c63595e6afb29a62a265bf5c2c1b
Referer: https://getalldayslimmingtea.com/
Bugsnag-Sent-At: 2024-10-22T12:05:23.026Z
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/json

GET
H3 400 hem-provider Show response
api-pixel.datadojo.ai/public/api/v1/data-provider/ 40 B
690 B 117ms
47ms XHR
application/json 2606:4700:3036::ac43:be23
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-pixel.datadojo.ai/public/api/v1/data-provider/hem-provider?pixel_id=668316e029a690b5ac3df99a&url=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7
Requested by: Host: pixel.clickslogistics.com
URL: https://pixel.clickslogistics.com/load.js?id=668316e029a690b5ac3df99a
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:be23 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e647723b44f5312d8f01954c002b2787d32effd45ee17a859f223eeb59a767f3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json
Referer: https://getalldayslimmingtea.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
access-control-allow-credentials: false
access-control-allow-methods: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xuVJToDSZOma1cx8lpXBllldrmHVDWx0slvCwOmu6trlqC5h76W9Bv651m%2FdElEn4D7NX59KJl1QngBIKOWDn2NXqq5Ka342KRaI131EgEeNiGcR1DVpiJi5PLZuVAHGVT3WrMynG7P6ztSwuoHVBwDnJ6U%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d695af38d1a1971-EWR
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 40
server-timing: cfL4;desc="?proto=QUIC&rtt=26645&sent=10&recv=7&lost=0&retrans=0&sent_bytes=4113&recv_bytes=4361&delivery_rate=114594&cwnd=12000&unsent_bytes=0&cid=fdf34ffeee84af2b&ts=55&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/json
server: cloudflare
priority: u=1,i
access-control-allow-headers: *

OPTIONS
H3 204 x
e.trackplay.io/ Frame 0
0 132ms
36ms Preflight 2606:4700:3032::6815:2713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.trackplay.io/x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://getalldayslimmingtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getalldayslimmingtea.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d695af3cd66437a-EWR
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=4,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=agTBxDjzr1cSSeLXmUbFmwSsINEeGo7MB6hytkWCr4FvM1BMGiwwkTEkZ%2B1fXGPbz%2FPYH4Bj1xnGkNZAoT9fG1aM6dVoJ4RQy%2BLpcJCVW1PyWVo2LpHPTl3ftk31a1EVK92SmUBKO5GttkvaNA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=10848&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4179&recv_bytes=4647&delivery_rate=37817&cwnd=12000&unsent_bytes=0&cid=d918b46a93ad75dd&ts=42&x=1" cfExtPri cfHdrFlush;dur=0
vary: Origin, Access-Control-Request-Headers

POST
H3 200 x
e.trackplay.io/ 13 B
706 B 210ms
193ms Ping
application/json 2606:4700:3032::6815:2713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.trackplay.io/x
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae95d608ee76e064ca676f3114fc5f48b0d5adac9ea3c9dbd137112f53c9b055

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://getalldayslimmingtea.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: W/"d-omrXeIgYnMXWlzu4GORfRIYoxcE"
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5e3tWkFGRb7J8YiDxF3HEFm5hRAOsxP2%2FMfqgYpH6i3xcBI%2BvUyYatAExNt0Xsfa4%2F3jnqRZ3Pml3LxpGqYCNUhlcEq%2FcjeNWyciO7dlwpFjgkO3gOVukJ6P2bmmqnXMovXysNxOAGF7hDMGhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d695af42967de93-EWR
access-control-allow-origin: https://getalldayslimmingtea.com
alt-svc: h3=":443"; ma=86400
content-length: 13
server-timing: cfL4;desc="?proto=QUIC&rtt=10384&sent=18&recv=20&lost=0&retrans=0&sent_bytes=6478&recv_bytes=7414&delivery_rate=24576&cwnd=12000&unsent_bytes=0&cid=60cb019e733a0b9c&ts=197&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare
priority: u=4,i

GET
H3 404 undefined
getalldayslimmingtea.com/ 45 KB
45 KB 323ms
322ms Image
text/html 2606:4700:3033::6815:7de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://getalldayslimmingtea.com/undefined
Requested by: Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:7de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef0a8609c9c0b0310d7c17e1086356ac326f4d448a67aabdacf10d59455dc21a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Response headers

link: <https://getalldayslimmingtea.com/wp-json/>; rel="https://api.w.org/"
cache-control: no-cache, must-revalidate, max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LH2B1QpMewGxa7QQhGlRBzu6HZp1VBcme3CVKAWnp%2FO5xoEHaGa7Afqc73TsguVPx%2BPMUJPQ1nrqNz06QT%2FHyTxUqosdGqcBaS5hi4Fhx3tLMfHQ%2BlVG3aPmL6sGc7eW0AmHQaj24%2BhT4GplcMLvv43KlR2IHHg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d695af35af23354-EWR
expires: Wed, 11 Jan 1984 05:00:00 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=17512&sent=77&recv=37&lost=20&retrans=20&sent_bytes=74567&recv_bytes=6259&delivery_rate=430461&cwnd=13524&unsent_bytes=0&cid=8507547b4e6706b8&ts=1435&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding,User-Agent
server: cloudflare
priority: u=3,i

GET
H2 200 playlist.m3u8 Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/ 336 B
903 B 97ms
33ms XHR
application/vnd.apple.mpegurl 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/playlist.m3u8
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 45309533901e2d924b6db10055b7397e199f6f73dbdc25289424ef7d08e40a7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: gzip
cdn-fileserver: 341
date: Tue, 22 Oct 2024 12:05:23 GMT
cdn-storageserver: NY-267
last-modified: Sun, 14 Jul 2024 12:53:25 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cdn-cachedat: 10/20/2024 02:58:42
cache-control: public, max-age=30
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: c85796a760282b416a1f00351eed07a1
cdn-pullzone: 2161927
cdn-proxyver: 1.04
access-control-allow-origin: *
cdn-edgestorageid: 1068
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce55ba35c68b27feb1b41633f980f10678d45b5ce482da1030baf5a33568e30c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/events/ 35 B
672 B 158ms
40ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/events/capture?k=view&a=leadpage&l=ir2ZmpHHfC8kwid4TkzUXN&v=&e=&st=wordpress&lc=en-US&pid=WvtNWfrBMhLtBA4Vbr7r5e&uid=cvMwA49JQzERYEmPQiZQVH&sid=pFxqfTgB6ctGechUFbRSPL&cid=lp-ir2ZmpHHfC8kwid4TkzUXN&uri=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rf=&rx=1600&ry=1200&tz=-10%3A00
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

Transfer-Encoding: chunked
x-request-id: 02bp6529ug2j23sesit0
access-control-max-age: 600
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 5.181.234.134
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://getalldayslimmingtea.com
Date: Tue, 22 Oct 2024 12:05:23 GMT
Content-Type: image/gif
Server: Stargate

GET
H3 200 6187562877965743 Show response
connect.facebook.net/signals/config/ 66 KB
13 KB 63ms
63ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/6187562877965743?v=2.9.172&r=stable&domain=getalldayslimmingtea.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7fc8cd6bcf94142cac7bf4a9c5646a4e80cb39ff283e61efa0f71e1b818ea2a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=68, mss=1232, tbw=67532, tp=64, tpl=0, uplat=46, ullat=0
pragma: public
x-fb-debug: UqrorGu4xJljkxD2TMHlPA+DoOQZxM1OF8SINtruBf9ikZa+JCS5VrNNeSeltsmP+jaxUnmP0XjloYgnjboQ8g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

POST
H3 400 x
e.trackplay.io/ 16 B
745 B 104ms
91ms Ping
application/json 2606:4700:3032::6815:2713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.trackplay.io/x
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe1f1ee108954349992266aa9d3205b9e763d77f1f346a7f59986a5a2802eea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://getalldayslimmingtea.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: W/"10-mRC4tqUIwVWOVPhvWLVq/Nc8nb4"
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F30Uo1OsWvRDHL6J5f%2FFFNuUDYKOBRubmAXYHJFYbof3ejs0tsDTapcgy8SNkLmY6SI74vkN8Gt5b6H3nQOFz%2BaFfkFyLa70tTxIu8R4BCADA5RY%2FjDReLmTRk3TDgyfuHNyLWK89CLAp%2B0CbA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d695af42964de93-EWR
access-control-allow-origin: https://getalldayslimmingtea.com
alt-svc: h3=":443"; ma=86400
content-length: 16
server-timing: cfL4;desc="?proto=QUIC&rtt=10713&sent=15&recv=17&lost=0&retrans=0&sent_bytes=4248&recv_bytes=7283&delivery_rate=649&cwnd=12000&unsent_bytes=0&cid=60cb019e733a0b9c&ts=97&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare
priority: u=4,i

OPTIONS
H3 204 x
e.trackplay.io/ Frame 0
0 70ms
41ms Preflight 2606:4700:3032::6815:2713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.trackplay.io/x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://getalldayslimmingtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getalldayslimmingtea.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d695af3cd68437a-EWR
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=4,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAEVA9IZw8SifBOVxBQjTuNp%2FfrUhlN4qXD6ngb7C7Rq%2BegA49bMTpEcuwPWtuMNJWlMUXEbsNmGT5Wt8X8r278u%2B2OhBXV7%2FetjKItsswKGni59DQxPT0%2BLDLCzItZySHWYPTByksfMrwlrmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=10848&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4922&recv_bytes=4647&delivery_rate=37817&cwnd=12000&unsent_bytes=0&cid=d918b46a93ad75dd&ts=45&x=1" cfExtPri cfHdrFlush;dur=0
vary: Origin, Access-Control-Request-Headers

POST
H2 200 / Show response
notify.bugsnag.com/ 2 B
104 B 85ms
80ms XHR
text/plain 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Requested by: Host: pixel.clickslogistics.com
URL: https://pixel.clickslogistics.com/load.js?id=668316e029a690b5ac3df99a
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Bugsnag-Payload-Version: 4
Bugsnag-Api-Key: a079c63595e6afb29a62a265bf5c2c1b
Referer: https://getalldayslimmingtea.com/
Bugsnag-Sent-At: 2024-10-22T12:05:23.160Z
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
bugsnag-event-id: 671795030107414b8ba50000
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain; charset=utf-8

OPTIONS
H2 200 /
notify.bugsnag.com/ Frame 0
0 128ms
70ms Preflight 2600:1901:0:a5e4::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://notify.bugsnag.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:a5e4:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method: POST
Origin: https://getalldayslimmingtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Sent-At, Bugsnag-Payload-Version, Bugsnag-Integrity
access-control-allow-methods: POST
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
via: 1.1 google

OPTIONS
H3 204 x
e.trackplay.io/ Frame 0
0 25ms
24ms Preflight 2606:4700:3032::6815:2713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.trackplay.io/x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://getalldayslimmingtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getalldayslimmingtea.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d695af40d8e437a-EWR
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=4,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wvA6nuWsuTABCMd%2FVJHps%2FCJbxW0QBf61oP%2BdhFOKmf5Qa475PkCtiE9aaYGY5%2BTbRad4w%2BMhcgGhbF2sOjQQMKl4g8VPrUhSVs%2FynTAfonK0MkcXiOeyHp4IOBDCO%2BBDalSEw8ffx4WVA%2BgAA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=11732&sent=16&recv=13&lost=0&retrans=0&sent_bytes=5681&recv_bytes=5344&delivery_rate=87494&cwnd=12000&unsent_bytes=0&cid=d918b46a93ad75dd&ts=65&x=1" cfExtPri cfHdrFlush;dur=0
vary: Origin, Access-Control-Request-Headers

OPTIONS
H3 204 x
e.trackplay.io/ Frame 0
0 28ms
24ms Preflight 2606:4700:3032::6815:2713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.trackplay.io/x
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://getalldayslimmingtea.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://getalldayslimmingtea.com
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8d695af40d9d437a-EWR
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=4,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXCNcCEq0Y5Tn2shrLJ7%2FRLlg8PDMiwTrutH0BjoncTMcdYiCxNkyzDEEFCyQt6d3MnQ3y3SzHcs%2BKdJj2%2FRLVNsFVaRKdiMeFiHQ8tZYQhcCoV3WhLVYrHRNjajwP1b%2BpN7%2FiNfZe4u2FbOnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=11732&sent=17&recv=13&lost=0&retrans=0&sent_bytes=6394&recv_bytes=5344&delivery_rate=87494&cwnd=12000&unsent_bytes=0&cid=d918b46a93ad75dd&ts=73&x=1" cfExtPri cfHdrFlush;dur=0
vary: Origin, Access-Control-Request-Headers

POST
H3 400 x
e.trackplay.io/ 16 B
709 B 105ms
103ms Ping
application/json 2606:4700:3032::6815:2713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.trackplay.io/x
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe1f1ee108954349992266aa9d3205b9e763d77f1f346a7f59986a5a2802eea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://getalldayslimmingtea.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: W/"10-mRC4tqUIwVWOVPhvWLVq/Nc8nb4"
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AjrHT3kUSi6TEcU6lebYOCAESKVbvMi3y53hQfeVbGIfy37E5Zabo2Vkgd%2BvqneqpCP%2BdgeKpofV%2F8S3TcmANNRBfY8zKFBGkOClVJgOtq9pDDFZdzpSk3hVSOQEOD8FVMvEkqzft7dq5ntPhw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d695af4296dde93-EWR
access-control-allow-origin: https://getalldayslimmingtea.com
alt-svc: h3=":443"; ma=86400
content-length: 16
server-timing: cfL4;desc="?proto=QUIC&rtt=10716&sent=16&recv=18&lost=0&retrans=0&sent_bytes=5016&recv_bytes=7327&delivery_rate=1229&cwnd=12000&unsent_bytes=0&cid=60cb019e733a0b9c&ts=113&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare
priority: u=4,i

POST
H3 400 x
e.trackplay.io/ 16 B
707 B 98ms
97ms Ping
application/json 2606:4700:3032::6815:2713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://e.trackplay.io/x
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::6815:2713 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ebe1f1ee108954349992266aa9d3205b9e763d77f1f346a7f59986a5a2802eea

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://getalldayslimmingtea.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: DYNAMIC
etag: W/"10-mRC4tqUIwVWOVPhvWLVq/Nc8nb4"
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gO6drAhDetP%2F2C3lnTa0Hqqetv8uH%2BbFWjL9diH8WnqDGZIkuMxjZRoiBcwYRuX7C2RjHby8zIYozbbW0yhFOJL%2Bac1QuaA4T6j3HPequSSmZOF5ebi5Y804om6ZWKncKCgW6e6S5kJLMlcHoA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8d695af4398ade93-EWR
access-control-allow-origin: https://getalldayslimmingtea.com
alt-svc: h3=":443"; ma=86400
content-length: 16
server-timing: cfL4;desc="?proto=QUIC&rtt=10716&sent=17&recv=18&lost=0&retrans=0&sent_bytes=5748&recv_bytes=7327&delivery_rate=1229&cwnd=12000&unsent_bytes=0&cid=60cb019e733a0b9c&ts=115&x=1", cfExtPri, cfHdrFlush;dur=0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/json; charset=utf-8
vary: Origin
server: cloudflare
priority: u=4,i

GET
H2 200 video.m3u8 Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/360p/ 28 KB
3 KB 27ms
24ms XHR
application/vnd.apple.mpegurl 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/360p/video.m3u8
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: d30996713d1ee073e69adba37dd96cd0c6f74bf0feb6146ed201deb6907f2494

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: gzip
cdn-fileserver: 832
date: Tue, 22 Oct 2024 12:05:23 GMT
cdn-storageserver: NY-267
last-modified: Sun, 14 Jul 2024 12:42:49 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cdn-cachedat: 07/26/2024 12:29:42
cache-control: public, max-age=30
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: 10df9df8cfc9b6d7dd5ff2c6f99931f0
cdn-pullzone: 2161927
cdn-proxyver: 1.04
access-control-allow-origin: *
cdn-edgestorageid: 1067
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H3 200 707991323503527 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 63ms
62ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/707991323503527?v=2.9.172&r=stable&domain=getalldayslimmingtea.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e2b121025b1d2e35326d89d4209224bd2e5f833300c2c8bef35c5abbf225055

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=80, mss=1232, tbw=81772, tp=78, tpl=0, uplat=46, ullat=0
pragma: public
x-fb-debug: Q0wdIAdGmy8RoDP31PaqnqBL6tH4DuZNn2nEzxCduXpkz0Cq0VAf9IcsaYAis6jk75M9E8wEUwpCI5XzStyvhA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 81ms
33ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=6187562877965743&ev=Lead&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723232&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=10, mss=1328, tbw=2922, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 151ms
104ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6187562877965743&ev=Lead&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723232&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569951171425663"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: y44EvRzB4X11+p38P7o6iUC5qFk4+TYOvwem2vlW3uKFhqWcroYG7wQ7vsrAPt4hvLTAFmhNVE4aC2uxgtqlag==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569951171425663", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=3607, tp=-1, tpl=-1, uplat=64, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 video0.ts Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/360p/ 493 KB
494 KB 48ms
47ms XHR
video/mp2t 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/360p/video0.ts
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 007a052e3f30a4b8f95ec211e52b8365a6c8fa92cffa62c5beaf251518f3435f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 839
date: Tue, 22 Oct 2024 12:05:23 GMT
cdn-storageserver: NY-346
content-type: video/mp2t
last-modified: Sun, 14 Jul 2024 12:42:51 GMT
cdn-cachedat: 07/26/2024 12:29:43
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: 831a0efad7bf2488861c4079a5778f73
cdn-pullzone: 2161927
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 504968
cdn-edgestorageid: 894
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H3 200 483679769569150 Show response
connect.facebook.net/signals/config/ 27 KB
4 KB 72ms
68ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/483679769569150?v=2.9.172&r=stable&domain=getalldayslimmingtea.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

761048cd5d8c2d607294a6941693b20329544aa55f705d7884354c354e11ba82

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=82, mss=1232, tbw=85100, tp=82, tpl=0, uplat=43, ullat=0
pragma: public
x-fb-debug: SbObm3yuOBqaNepvHlpoW6vybTuunusRCdcZdXHpXmuUkKhpeR3LEU8hd2ZExDzAfksByttfzj0kWyWJCvxfwA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 19ms
15ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=6187562877965743&ev=Lead&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723310&sw=1600&sh=1200&v=2.9.172&r=stable&ec=1&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=3336, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
1 KB 72ms
70ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6187562877965743&ev=Lead&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723310&sw=1600&sh=1200&v=2.9.172&r=stable&ec=1&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569951806984732"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569951806984732", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: WxDmCwWpF06+Qk9Ds40ikJ7xH1Z3dskOTOxG+RluacZBoQr2G1L2BbU54yjHWvUP+oJk+1P+sPjS2tm3morL4A==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=6834, tp=-1, tpl=-1, uplat=45, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 18ms
16ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=707991323503527&ev=Lead&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723312&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=3452, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
848 B 70ms
68ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=707991323503527&ev=Lead&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723312&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569951682459436"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 8oueIyMTWc2xS+4U9YV7VRz3j81FhLnzaGe+zret1wOy+rqTvCreyw9/9205SyYjl0y4aDB2baok7gVJ54jgbg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569951682459436", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=20, rtx=0, c=10, mss=1328, tbw=7935, tp=-1, tpl=-1, uplat=47, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 814944699464593 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 86ms
85ms Script
application/x-javascript 2a03:2880:f003:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/814944699464593?v=2.9.172&r=stable&domain=getalldayslimmingtea.com&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C28%2C82%2C87%2C47%2C46%2C86%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C127%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0859f5c04856b7c6de26f4ad957e948519338f9f67b971cfae9efb724936a6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: ;script-src 'unsafe-inline' .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* blob: data: 'self' https://.google-analytics.com .google.com;style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' https://.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: *;script-src 'unsafe-inline' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=15, rtx=0, c=86, mss=1232, tbw=89580, tp=88, tpl=0, uplat=63, ullat=0
pragma: public
x-fb-debug: ct3mk2i1CkAD4WFyFJuAjX4X+XOcLt1ExKY7qCr8ELXiOt/3d2eHt3wpUwtJQaPVBbQgcTH55z3E0Io9Nbm6bg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 22ms
20ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=6187562877965743&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723407&sw=1600&sh=1200&v=2.9.172&r=stable&ec=2&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=5007, tp=16, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 40ms
38ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6187562877965743&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723407&sw=1600&sh=1200&v=2.9.172&r=stable&ec=2&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569951482467866"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: uf4KmPi7mpj1bGmx4pr7tJ6qDvEpLGiwpyKqUqjbFiU44U9Mqt9nxLbGxvmMoPANNLq7s9lUoxUKzGeltOpPdg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569951482467866", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=24, mss=1232, tbw=5711, tp=22, tpl=0, uplat=18, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 23ms
22ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=707991323503527&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723411&sw=1600&sh=1200&v=2.9.172&r=stable&ec=1&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=5327, tp=18, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 40ms
39ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=707991323503527&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723411&sw=1600&sh=1200&v=2.9.172&r=stable&ec=1&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569952438206191"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: zhTNBIdkVAPm344p8mpqgPDObPbB2LHWtP2wNinQGk5P5DgT5QpumgJcHz20vqqwSVKueWBdvA1PfP3KnecV1w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569952438206191", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=24, mss=1232, tbw=8927, tp=25, tpl=0, uplat=18, ullat=1
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 22ms
21ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=483679769569150&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723414&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=5519, tp=20, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 42ms
41ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=483679769569150&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723414&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569951642299441"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: GwYliJTsmnak5LRv8pLffUYrH0bYaSI0+weg/Pn2ZXikp0d6XMMHeQW3Wv+bFP8pF5zIwvZLJFKnKRuvnqYcdg==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569951642299441", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=24, mss=1232, tbw=9807, tp=26, tpl=0, uplat=19, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 video.m3u8 Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/ 28 KB
3 KB 50ms
50ms XHR
application/vnd.apple.mpegurl 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/video.m3u8
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: d30996713d1ee073e69adba37dd96cd0c6f74bf0feb6146ed201deb6907f2494

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
content-encoding: gzip
cdn-fileserver: 837
date: Tue, 22 Oct 2024 12:05:23 GMT
cdn-storageserver: NY-268
last-modified: Sun, 14 Jul 2024 12:53:37 GMT
content-type: application/vnd.apple.mpegurl
vary: Accept-Encoding
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cdn-cachedat: 07/26/2024 12:29:43
cache-control: public, max-age=30
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: f37cae588e094d8e5d1b3fe8a660a164
cdn-pullzone: 2161927
cdn-proxyver: 1.04
access-control-allow-origin: *
cdn-edgestorageid: 1029
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 34ms
32ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=6187562877965743&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723520&sw=1600&sh=1200&v=2.9.172&r=stable&ec=3&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=29, mss=1232, tbw=12033, tp=38, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 68ms
66ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=6187562877965743&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723520&sw=1600&sh=1200&v=2.9.172&r=stable&ec=3&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569950752810830"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: IeOvW3+ihlsZd47FwP8Xmhg3HfZDBQ/kLiSxaOPF4/LKLaK8ZQ56ct43ahyXPqm6NT0eoqmpfA2z4GsWbLyGFQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569950752810830", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=29, mss=1232, tbw=15713, tp=50, tpl=0, uplat=25, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 62ms
60ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=707991323503527&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723521&sw=1600&sh=1200&v=2.9.172&r=stable&ec=2&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=29, mss=1232, tbw=12225, tp=40, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
193 B 66ms
64ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=707991323503527&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723521&sw=1600&sh=1200&v=2.9.172&r=stable&ec=2&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569951951239904"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569951951239904", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-debug: T9vkxtSoHoq9CBjhnffpXP0l57v6P11wlZN7Lfgv81IYaRQOXlJJLuYwdq0z8RnnWBAM8Q1WeS1rNW94MGYtdQ==
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=29, mss=1232, tbw=14609, tp=49, tpl=0, uplat=22, ullat=0
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 70ms
68ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=483679769569150&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723524&sw=1600&sh=1200&v=2.9.172&r=stable&ec=1&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=29, mss=1232, tbw=12417, tp=42, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
192 B 66ms
65ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=483679769569150&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723524&sw=1600&sh=1200&v=2.9.172&r=stable&ec=1&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569951807510671"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: RG+680sSL8/8oDV7H7MZ+A44KfdexXDaeu6U0gnj2up7GXhUMh5YeKcnbxhHV3UiRfL7JxfjsSdd2sbS0MlUfQ==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569951807510671", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=29, mss=1232, tbw=12801, tp=46, tpl=0, uplat=18, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 65ms
63ms Image
text/plain 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=814944699464593&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723525&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=GET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=29, mss=1232, tbw=12609, tp=44, tpl=0, uplat=1, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
195 B 66ms
65ms Image
image/png 2a03:2880:f103:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=814944699464593&ev=ViewTea&dl=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7&rl=&if=false&ts=1729598723525&sw=1600&sh=1200&v=2.9.172&r=stable&ec=0&o=12318&fbp=fb.1.1729598723229.632971946897323876&ler=empty&cdl=API_unavailable&it=1729598723125&coo=false&exp=h3&rqm=FGET

Requested by

Host: getalldayslimmingtea.com
URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f103:181:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://.google-analytics.com .google.com;style-src .fbcdn.net data: .facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com https://.google-analytics.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com https://fonts.gstatic.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://.google-analytics.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .facebook.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net .google.com .doubleclick.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7428569950523444346"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Tue, 22 Oct 2024 12:05:23 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: u3XzfXGwwM8lHgA43uTFwzGOhozgXoYMnZwWFjC7k69jNoCa6PjV4GlEiznKjgxPBXCdrcdS23hrOiUdKjNq5w==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7428569950523444346", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=29, mss=1232, tbw=13681, tp=47, tpl=0, uplat=18, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 video1.ts Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/ 530 KB
531 KB 43ms
42ms XHR
video/mp2t 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/video1.ts
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: d756d4496a160c3f8116cf25d4fd8d793876219ee18411caa457db67364d2af9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 837
date: Tue, 22 Oct 2024 12:05:23 GMT
cdn-storageserver: NY-268
content-type: video/mp2t
last-modified: Sun, 14 Jul 2024 12:53:37 GMT
cdn-cachedat: 10/19/2024 19:09:39
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: c804444f853fbdb154316f18c55ed045
cdn-pullzone: 2161927
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 542568
cdn-edgestorageid: 718
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H/1.1 200
OK capture
api.leadpages.io/analytics/v1/observations/ 35 B
355 B 42ms
40ms Image
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.7.13&origin=page-speed&kind=timer,timer,timer,timer,timer,timer,timer,timer,timer,timer&label=domain-lookup,connect,request,ttfb,response,loading,interactive,content-loaded,complete,load&value=95,54,607,759,63,797,1073,1074,1760,1760
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

Transfer-Encoding: chunked
x-request-id: 02bp655dh215ahnkfir0
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 5.181.234.134
Connection: keep-alive
access-control-allow-credentials: true
Date: Tue, 22 Oct 2024 12:05:23 GMT
Content-Type: image/gif
Server: Stargate

GET
H2 200 favicon.ico
static.leadpages.net/images/ 15 KB
3 KB 15ms
11ms Other
image/vnd.microsoft.icon 34.107.203.240
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.leadpages.net/images/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.240 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 240.203.107.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: 76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cache-control: public, max-age=300
content-encoding: gzip
etag: "U0Ffwg"
age: 155
via: 1.1 google
expires: Tue, 22 Oct 2024 12:07:48 GMT
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2594
date: Tue, 22 Oct 2024 12:02:48 GMT
x-cloud-trace-context: 6314100f25ce4d9230af4af0841627ab
content-type: image/vnd.microsoft.icon
server: Google Frontend
vary: Accept-Encoding

GET
H2 200 video2.ts Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/ 1 MB
1 MB 26ms
26ms XHR
video/mp2t 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/video2.ts
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 287df5d82539e5b9821f4a8ecf26a4ad03877bdf20af32ae754c1c8ef2e06d06

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 839
date: Tue, 22 Oct 2024 12:05:23 GMT
cdn-storageserver: NY-268
content-type: video/mp2t
last-modified: Sun, 14 Jul 2024 12:53:35 GMT
cdn-cachedat: 08/05/2024 07:15:46
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: 66f2d175a3f9fc743bd02de92e0807b8
cdn-pullzone: 2161927
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1139844
cdn-edgestorageid: 718
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 119ms
37ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?origin=&version=1.2.2&correlateBy=XLCEdZ2ixL5CWEaRvVupTF&kind=text,text,text,text,text,text,timer,timer&label=lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_leadbox_embedded,lb_embed_embed_script_load,lb_embed_leadbox_load&value=QGjX6dk2ihZTtNYRBNVSoG,QGjX6dk2ihZTtNYRBNVSoG,QGjX6dk2ihZTtNYRBNVSoG,QGjX6dk2ihZTtNYRBNVSoG,QGjX6dk2ihZTtNYRBNVSoG,QGjX6dk2ihZTtNYRBNVSoG,219.5999994277954,396.3999996185303
Requested by: Host: embed.lpcontent.net
URL: https://embed.lpcontent.net/leadboxes/current/embed.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

Transfer-Encoding: chunked
x-request-id: 02bp657su4mvptdfd3lg
access-control-max-age: 600
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 5.181.234.134
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://getalldayslimmingtea.com
Date: Tue, 22 Oct 2024 12:05:23 GMT
Content-Type: image/gif
Server: Stargate

GET
H2 200 video3.ts Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/ 1 MB
1 MB 38ms
37ms XHR
video/mp2t 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/video3.ts
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: dd757ca754d71f0b2eb76b8525ac806d887a818efb09fce74eba585713379264

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 839
date: Tue, 22 Oct 2024 12:05:23 GMT
cdn-storageserver: NY-267
content-type: video/mp2t
last-modified: Sun, 14 Jul 2024 12:53:25 GMT
cdn-cachedat: 07/26/2024 12:29:44
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: e41351b77db0d89cbf410b12e6d31e69
cdn-pullzone: 2161927
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1100176
cdn-edgestorageid: 940
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H2 200 video4.ts Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/ 1 MB
1 MB 27ms
26ms XHR
video/mp2t 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/video4.ts
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: 551c3ba0ecb1ade0a1a386572e046c670904aa5b9fc0ba90ae52519715bb8022

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 837
date: Tue, 22 Oct 2024 12:05:24 GMT
cdn-storageserver: NY-427
content-type: video/mp2t
last-modified: Sun, 14 Jul 2024 12:53:33 GMT
cdn-cachedat: 10/02/2024 21:21:06
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: 8cda13b45890adc672ae7215497f754e
cdn-pullzone: 2161927
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1093220
cdn-edgestorageid: 1070
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H2 200 video5.ts Show response
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/ 924 KB
926 KB 27ms
26ms XHR
video/mp2t 2400:52e0:1a00::1070:1
BUNNYCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/video5.ts
Requested by: Host: scripts.trackplay.io
URL: https://scripts.trackplay.io/732e70a9-b263-410a-8932-32735090fcd1/3cc9eb39-a6c3-4a93-b0d6-7c83cc9d74e2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2400:52e0:1a00::1070:1 Chicago, United States, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software: BunnyCDN-IL1-1070 /
Resource Hash: aef068af7042aae7923a5eeafc9ee3bfc6833d4f3d0bba8fdcc42cea2a8bcbdc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

cdn-status: 200
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-fileserver: 832
date: Tue, 22 Oct 2024 12:05:26 GMT
cdn-storageserver: NY-346
content-type: video/mp2t
last-modified: Sun, 14 Jul 2024 12:53:35 GMT
cdn-cachedat: 07/26/2024 12:29:48
cdn-cache: HIT
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-requestpullcode: 206
cache-control: public, max-age=2592000
cdn-requestpullsuccess: True
cdn-requesttime: 0
cdn-uid: 11185a90-e496-4698-ab78-97f246519fd7
cdn-requestid: df883a6e35343725c50b18dd462ab9f1
cdn-pullzone: 2161927
cdn-proxyver: 1.04
accept-ranges: bytes
access-control-allow-origin: *
content-length: 946580
cdn-edgestorageid: 1067
server: BunnyCDN-IL1-1070
cdn-requestcountrycode: US

GET
H/1.1 200
OK capture Show response
api.leadpages.io/analytics/v1/observations/ 35 B
447 B 37ms
37ms XHR
image/gif 35.192.151.63
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.leadpages.io/analytics/v1/observations/capture?version=1.8.6&correlateBy=UhyY8SYzrbSgCA3UKErJEW&origin=center-js&kind=timer,timer,counter,timer&label=load-center,load-identify,ident-new,send-events&value=179.10000038146973,124.89999961853027,1,159.89999961853027
Requested by: Host: js.center.io
URL: https://js.center.io/center.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 35.192.151.63 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 63.151.192.35.bc.googleusercontent.com
Software: Stargate /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://getalldayslimmingtea.com/

Response headers

Transfer-Encoding: chunked
x-request-id: 02bp6622spb7vm561tag
access-control-max-age: 600
access-control-expose-headers: LP-Security-Token
X-Forwarded-For: 5.181.234.134
Connection: keep-alive
access-control-allow-credentials: true
access-control-allow-origin: https://getalldayslimmingtea.com
Date: Tue, 22 Oct 2024 12:05:27 GMT
Content-Type: image/gif
Server: Stargate

GET video6.ts
media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: media.trackplay.io
URL: https://media.trackplay.io/1675ed50-601c-4ce0-9bde-c35d55c17cfc/720p/video6.ts

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.api.leadpages.io/analytics/v1/events/capture	1970-01-21 00:28:05	Name: view.WvtNWfrBMhLtBA4Vbr7r5e.ir2ZmpHHfC8kwid4TkzUXN Value: 1729598723000
getalldayslimmingtea.com/	1970-01-21 10:02:38	Name: __datadojo_pixel_session_id Value: a251e322-497e-4467-b9ec-a42053e138b5
getalldayslimmingtea.com/	1970-01-21 10:02:38	Name: __datadojo_number_of_events_processed Value: 0
getalldayslimmingtea.com/	1970-01-21 10:02:38	Name: __datadojo_current_active_time Value: Tue%20Oct%2022%202024%2002:05:23%20GMT-1000%20(Hawaii-Aleutian%20Standard%20Time)
getalldayslimmingtea.com/	1970-01-21 09:12:14	Name: trackplay_device_id Value: e2bfd796-355b-4361-bec5-faf0f6411935
getalldayslimmingtea.com/	1970-01-21 00:26:49	Name: trackplay_session_id Value: f9e1f3bf-da57-414d-8890-583c90dd8932
.getalldayslimmingtea.com/	1970-01-21 02:36:14	Name: sessid2 Value: sessid20241022120516493
.getalldayslimmingtea.com/	1970-01-21 02:36:14	Name: spi_funnel_codename Value:
.getalldayslimmingtea.com/	1970-01-21 02:36:14	Name: aff_id Value: 26143
.getalldayslimmingtea.com/	1970-01-21 02:36:14	Name: sid Value: herbalnwx7
.getalldayslimmingtea.com/	1970-01-21 02:36:14	Name: campaign_id Value:
.getalldayslimmingtea.com/	1970-01-21 02:36:14	Name: referrer Value: 2a0d:5600:24:1500:1011:e45a:a357:4191::getalldayslimmingtea.com%2Fstart
.getalldayslimmingtea.com/	1970-01-21 02:36:14	Name: _fbp Value: fb.1.1729598723229.632971946897323876

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api-pixel.datadojo.ai/public/api/v1/data-provider/hem-provider?pixel_id=668316e029a690b5ac3df99a&url=https%3A%2F%2Fgetalldayslimmingtea.com%2Fstart%3Faff_id%3D26143%26subid%3Dherbalnwx7 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://e.trackplay.io/x Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://e.trackplay.io/x Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://e.trackplay.io/x Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://getalldayslimmingtea.com/undefined Message: Failed to load resource: the server responded with a status of 404 ()
javascript	warning	URL: https://getalldayslimmingtea.com/start?aff_id=26143&subid=herbalnwx7 Message: The resource https://media.trackplay.io/af2597e0-199f-4ed7-9c36-a814bcbba5e9/thumbnail.jpg was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-pixel.datadojo.ai
api.leadpages.io
buygoods.com
cdnjs.cloudflare.com
connect.facebook.net
e.trackplay.io
emailaccelator.shop
embed.lpcontent.net
fitnessforwomen.lpages.co
fonts.googleapis.com
fonts.gstatic.com
getalldayslimmingtea.com
healthnews.mydailyhealthtips.shop
js.center.io
lh3.googleusercontent.com
media.trackplay.io
notify.bugsnag.com
pixel.clickslogistics.com
scripts.trackplay.io
sessions.bugsnag.com
static.leadpages.net
tracking.buygoods.com
www.facebook.com
media.trackplay.io
162.241.169.234
2001:4860:4802:36::15
2001:4860:4802:38::15
2400:52e0:1a00::1070:1
2400:52e0:1a00::1207:2
2600:1901:0:7a0b::
2600:1901:0:a5e4::
2606:4700:3032::6815:2713
2606:4700:3033::6815:42fd
2606:4700:3033::6815:7de
2606:4700:3036::ac43:be23
2606:4700:3108::ac42:288d
2606:4700:3108::ac42:2b73
2606:4700::6811:190e
2607:f8b0:400d:c00::84
2607:f8b0:400d:c0b::5e
2607:f8b0:400d:c0c::5f
2a03:2880:f003:100:face:b00c:0:3
2a03:2880:f103:181:face:b00c:0:25de
34.107.203.240
35.192.151.63
35.202.21.90
91.197.243.143
007a052e3f30a4b8f95ec211e52b8365a6c8fa92cffa62c5beaf251518f3435f
082a4c31a794f52c5d1c716d9fa53ec047ebf0c754cb17552956c27cb1f98905
0931062415f74d92275522b4c1a8c5bf87ca9db084e219df50386fe3b92c494a
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0cc006eb54e79e4a2a2af8f816f08a006dc697a1429df1ac9a61aa5e86107886
0fc3b30d4aa9c1a379b4bc8362efb5776360c7fe5ea4920ea30a55489d94c9ef
14644cde2b4cfe885b8e0e4eacc115cfcd054ba6d5582af4a1fe4bd952fc16b7
15f2cc40d24744c7ffa4fa25104648886d49757c15472b3c680eaa4983454e62
1d3c69200c0e585c4e4ae0839689c10b303a31496a267d2d87de775e44c52f41
1e6868d195b280ddfce069c2efa9d6c4bc343f25de83c415f90bf5f61dc94634
287df5d82539e5b9821f4a8ecf26a4ad03877bdf20af32ae754c1c8ef2e06d06
2998bfa97714fb4ec5345749864e23baefdf466d5eeeaf8e724245249c06859e
2ab3afa442f542c5fb642d18baf8d2abd8bcc4ed438ba634e930f30fdb9b6644
30c42386a99e882f1d702375d8d83b332d1b53c4b72492ec591f3ffe850bbb7c
32fd068cac2e898f8f171810fc3017571ec5968fdcdf2991f9b286c648c5ef65
365708e81e4786ca59e61ac371e936b63334308efccb3f9cb6b967b426e53f10
37ce391cc50c2cd81db3e1b29696ae13ad3c5bd6e156db15518b4b260bed0950
3ad280764026187561b0bf951894e0f818901b58745064c956ffead1227ba3d4
3bdbf857bb1acdf48b0076a1b703142859a44bf5615f53efb914b18d23d20254
41ba9c4e932e024a0c1a1828bcfd8d0b9ef01b0e1be54f82523f32cfdc2bb1a7
45309533901e2d924b6db10055b7397e199f6f73dbdc25289424ef7d08e40a7d
49cdda2a82f71b562489b78a4f5e69080e89cf2aa7479cd5444e7d50011b5c2d
4b294a55d42a412690216907901164cccaa05c17c999452b6041a413d4fa66f6
551c3ba0ecb1ade0a1a386572e046c670904aa5b9fc0ba90ae52519715bb8022
5590f038f87169772f0bb512d942481838ac73230926fb92c4ff8db9a19b2296
56135ed4bfbd0655dcd339cf9cf102f5f3783c17be75e66ca5759af5bfdb9298
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
62e877a3e6349237529d1ef5b342eb5607420b3d2aac520c008dd2546cd111f9
6752677deb8496e0caf2f747d5fa7ecf04f266fbb76778b79cf3696937f27935
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
761048cd5d8c2d607294a6941693b20329544aa55f705d7884354c354e11ba82
76da9be859d0d9cd9ffa30b9aa9d07a34164acba1ec512c61bd1b7854c1fab7b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7fc8cd6bcf94142cac7bf4a9c5646a4e80cb39ff283e61efa0f71e1b818ea2a3
89978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571
8b83df39b4af22746878b487773a81f4584e48579954a6b7dd2f9995078e822c
8e2b121025b1d2e35326d89d4209224bd2e5f833300c2c8bef35c5abbf225055
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
94239bf050be2c39e239e82ec2700502707ef1b7b36757a18aba756985070940
986f09cb1717226f1d380626a902f700d373b4ca78b491cb43d3e7246297f7ff
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ae812326d12cc93f1c9b9b39f05573ed58f7b105a1ee006a6d8f1e2c3f911b66
ae95d608ee76e064ca676f3114fc5f48b0d5adac9ea3c9dbd137112f53c9b055
aef068af7042aae7923a5eeafc9ee3bfc6833d4f3d0bba8fdcc42cea2a8bcbdc
b5d5cf5c37a9158205dc0651570590eb7b6334ea48c603e5793b2f0e3001ddb0
bbcaeca815d451dde72f4760e36671e7a2bf42dd4cc88ec3d968886ff4e0a2d0
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c851e5130fd9f546b6b1b6a9184fd68fead99dbbe4e97283303a11d7a5802b4f
c927eaffaf8c6af3b9014a859b9c94e31baca362d3f9e44de991944cdbf7d61c
cc08eb3316359de0d8f025efee489da73ca552209a0c9cab6b00894d7fa21d42
ce55ba35c68b27feb1b41633f980f10678d45b5ce482da1030baf5a33568e30c
d30996713d1ee073e69adba37dd96cd0c6f74bf0feb6146ed201deb6907f2494
d756d4496a160c3f8116cf25d4fd8d793876219ee18411caa457db67364d2af9
dd757ca754d71f0b2eb76b8525ac806d887a818efb09fce74eba585713379264
e0859f5c04856b7c6de26f4ad957e948519338f9f67b971cfae9efb724936a6c
e2d86bb8e20bd418135f141d753dff03c8036423ebdf256770789361d48e2128
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e418c7f2dc09a6d4a9579afb0b8fb1c44492fed06fb71d8fb334a3ddd067636f
e647723b44f5312d8f01954c002b2787d32effd45ee17a859f223eeb59a767f3
e6802973fc0c75ad67b4810ae2aa16278608b675787c11ccc32c2e9e3f203ea7
e94a706682636396ec4f9a4e73085a4864aced01eff618ce30e63c21edb6eab4
ebe1f1ee108954349992266aa9d3205b9e763d77f1f346a7f59986a5a2802eea
ef00d758ed61a7ebb29e4032e0b066da95606c12d30e7530ee4ff779d51026b3
ef0a8609c9c0b0310d7c17e1086356ac326f4d448a67aabdacf10d59455dc21a
efd6eca40480ec8012a46a12581f30ec5f80592d1a94cb043b7956423cd2e842
f4cfd4a5b95dfb31c47cd567d9719fc12a0453f6ff27e2872147a9740e4b9e56
fa17c07b381901ab4f6376f0caec7b3459ed28fe5599a3b8306030f4351abe13

getalldayslimmingtea.com Open in urlscan Pro 2606:4700:3033::6815:7de Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

99 %HTTPS

78 %IPv6

19 Domains

23 Subdomains

22 IPs

2 Countries

6017 kBTransfer

7203 kBSize

13 Cookies

2 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

getalldayslimmingtea.com Open in urlscan Pro
2606:4700:3033::6815:7de Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

99 %
HTTPS

78 %
IPv6

19
Domains

23
Subdomains

22
IPs

2
Countries

6017 kB
Transfer

7203 kB
Size

13
Cookies

102 HTTP transactions
1 data transactions