www.teamtruebeauty.com Open in urlscan Pro
18.159.80.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.teamtruebeauty.com/
Submission Tags: falconsandbox
Submission: On July 21 via api (July 21st 2022, 10:48:50 am UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 13 domains to perform 57 HTTP transactions. The main IP is 18.159.80.129, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is www.teamtruebeauty.com.
TLS certificate: Issued by R3 on July 20th 2022. Valid for: 3 months.

This is the only time www.teamtruebeauty.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	18.159.80.129 18.159.80.129	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6812:1690	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:225... 2600:9000:225f:7200:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400e:80e::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	84.17.46.53 84.17.46.53	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
57	16

6 18.159.80.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com

www.teamtruebeauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:1690 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-fbndh.nitrocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:7200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400e:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 84.17.46.53 (Amsterdam, Netherlands)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-46-53.cdn77.com

to.getnitropack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	297 KB
9	nitrocdn.com cdn-fbndh.nitrocdn.com	352 KB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 372	130 KB
6	teamtruebeauty.com www.teamtruebeauty.com	84 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 56	26 KB
4	gstatic.com fonts.gstatic.com	90 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 96 www.google.com — Cisco Umbrella Rank: 10	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8252	914 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 991 pixel.quantserve.com — Cisco Umbrella Rank: 452	10 KB
1	getnitropack.com to.getnitropack.com — Cisco Umbrella Rank: 14937	469 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 72	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 873	653 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 942	447 B
57	13

	Domain	Requested by
9	cdn-fbndh.nitrocdn.com	www.teamtruebeauty.com
8	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
8	pagead2.googlesyndication.com	www.teamtruebeauty.com pagead2.googlesyndication.com tpc.googlesyndication.com
6	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	www.teamtruebeauty.com	www.teamtruebeauty.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	fonts.gstatic.com	www.teamtruebeauty.com fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	to.getnitropack.com	www.teamtruebeauty.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	pixel.quantserve.com	www.teamtruebeauty.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.teamtruebeauty.com
57	16

This site contains links to these domains. Also see Links.

Domain
www.romainberg.com
www.dmca.com

Subject Issuer	Validity	Valid
teamtruebeauty.com R3	`2022-07-20` - `2022-10-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
nitrocdn.com Cloudflare Inc ECC CA-3	`2022-07-04` - `2022-10-02`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-27` - `2022-09-19`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh
*.getnitropack.com Thawte RSA CA 2018	`2022-01-06` - `2023-01-06`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-04` - `2022-09-26`	3 months	crt.sh

This page contains 6 frames:

Primary Page: https://www.teamtruebeauty.com/
Frame ID: D3E6B5FA8B9FDACF9AC2D2AF242C2A38
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html
Frame ID: D32AFF8D0EF63B6C2081E8AF86E41047
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8437179536443777&output=html&adk=1812271804&adf=3025194257&lmt=1658400526&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.teamtruebeauty.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658400525886&bpp=4&bdt=180&idt=184&shv=r20220719&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6891421530851&frm=20&pv=2&ga_vid=1630929853.1658400526&ga_sid=1658400526&ga_hid=2037573864&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C44761793%2C31068511&oid=2&pvsid=3643848070417044&tmod=819485057&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203
Frame ID: D4C38ACE050752931E5594248C4C8096
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
Frame ID: F49E943081036CBF6A6BD085723A40E4
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A255F76E12EA83D307B655E95D89CB12
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 535ABA3AF3C440DC50CFB0CFEB1D6B2E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Home | Team True Beauty

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

57
Requests

98 %
HTTPS

80 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

993 kB
Transfer

3275 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.romainberg.com/
Title: Romain Berg

Search URL Search Domain Scan URL

URL: https://www.dmca.com/Protection/Status.aspx?ID=fa056915-c2e8-40e4-9b8f-2cf8e3e2b7f3

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.teamtruebeauty.com/ 199 KB
54 KB 218ms
106ms Document
text/html 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx / WP Engine
Resource Hash: 1f60719cc1c4f7974db6a3ca88ee057918d2b9b493db476cd00ec68a83bc0daa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Mobile
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 72e2c7853a0592c5-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 21 Jul 2022 10:48:45 GMT
display: orig_site_sol
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 20 Jul 2022 10:48:45 GMT
link: <https://cdn-fbndh.nitrocdn.com>; rel=preconnect, <https://www.teamtruebeauty.com/wp-json/>; rel="https://api.w.org/", <https://www.teamtruebeauty.com/wp-json/wp/v2/pages/10137>; rel="alternate"; type="application/json", <https://www.teamtruebeauty.com/>; rel=shortlink
pagespeed: off
response: 200
server: nginx
vary: Accept-Encoding Accept-Encoding,User-Agent
x-cache: HIT: 8
x-cache-ctime: 1658251998
x-cache-group: bot
x-cacheable: bot
x-ezoic-cdn: Hit ds;mm;feec4d6fdf8ae27d0e7ad7221386e7a7;2-363648-0;905c0809-b376-4d91-5b5f-7db40c64c39e
x-middleton-display: orig_site_sol
x-middleton-response: 200
x-nitro-cache: HIT
x-nitro-cache-from: drop-in
x-nitro-rev: f4f3cc6
x-origin-cache-control: max-age=10800, must-revalidate
x-powered-by: WP Engine
x-sol: orig

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 101ms
47ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8437179536443777

Requested by

Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f217f04ae9d792919f5d2b7b95ecbd718521763c6a101fc8848cf264e6375dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.teamtruebeauty.com/
Origin: https://www.teamtruebeauty.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51252
x-xss-protection: 0
server: cafe
etag: 7695750588584322480
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 10:48:45 GMT

GET
H2 200 cmbv2.js Show response
www.teamtruebeauty.com/detroitchicago/ 72 KB
19 KB 97ms
96ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.teamtruebeauty.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y21-3y2d-4y55-1&cmbcb=90&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2dx55
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bd21cde0239505096938a47eb2ca3b64446e47ec500773bae4f55f71ec983a5e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 339be152a2399ee136d14d580bf4af802532288abd004db246c63f264d6b7e6e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2
fonts.gstatic.com/s/librefranklin/v13/ 27 KB
27 KB 78ms
25ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/librefranklin/v13/jizDREVItHgc8qDIbSTKq4XkRiUf2zcZiVbJ.woff2

Requested by

Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

404e1c6e99403a4442497b1c0405949133763189f564110d0863a274c4fa2634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.teamtruebeauty.com/
Origin: https://www.teamtruebeauty.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 20:57:27 GMT
x-content-type-options: nosniff
age: 49878
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27200
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:56:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 20:57:27 GMT

GET
BLOB 200
OK e0e60b8e-5a44-4ac9-8883-566deb6f9fed
https://www.teamtruebeauty.com/ 824 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Length: 824
Content-Type: text/javascript

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 11 KB
11 KB 63ms
21ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8c40f530a22a982117388d12fd3d0cd3ef96762aed2cde710b086d6c34e7912d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.teamtruebeauty.com/
Origin: https://www.teamtruebeauty.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 23:04:45 GMT
x-content-type-options: nosniff
age: 128640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10988
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 23:04:45 GMT

GET
H2 200 Untitled-design-300x300.png
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2022/03/ 3 KB
3 KB 137ms
77ms Image
image/webp 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2022/03/Untitled-design-300x300.png
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d466e0e01eac216b28b07012042dcd8391c0929fe4825d25f4051885afd6cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
cf-cache-status: MISS
last-modified: Tue, 19 Jul 2022 16:57:53 GMT
server: cloudflare
link: <https://www.teamtruebeauty.com/wp-content/uploads/2022/03/Untitled-design-300x300.png>; rel="canonical"
etag: "62d6e291-bfe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 72e35db67ea990ba-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2930

GET
H2 200 search-icon.png
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/themes/acabado/img/ 748 B
903 B 113ms
57ms Image
image/webp 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/themes/acabado/img/search-icon.png
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e35c6a6643cd9c96f769012c6f5cfaa7665e1e687ed0840ecf43d63344f3f40c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
cf-cache-status: HIT
age: 140238
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 748
last-modified: Tue, 19 Jul 2022 16:57:51 GMT
server: cloudflare
etag: "62d6e28f-36f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 72e35db67ea390ba-FRA
link: <https://www.teamtruebeauty.com/wp-content/themes/acabado/img/search-icon.png>; rel="canonical"

GET
H2 200 AdobeStock_55045013-300x200.jpg
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2022/07/ 5 KB
5 KB 91ms
35ms Image
image/webp 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2022/07/AdobeStock_55045013-300x200.jpg
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71725e55a3804be02a725592cef01f3abbae652f3a0ddf1f585bef1ccb2e3c7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
cf-cache-status: HIT
age: 51051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5216
last-modified: Tue, 19 Jul 2022 16:57:51 GMT
server: cloudflare
etag: "62d6e28f-14f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 72e35db67ea890ba-FRA
link: <https://www.teamtruebeauty.com/wp-content/uploads/2022/07/AdobeStock_55045013-300x200.jpg>; rel="canonical"

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce814f4106bda7deaa74fe31f9773d5a69254662cfef51e5b176e11100946186

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aa1bd2cbc3098057cdc42d522baf5c8ad211a9d10741e881c64e41cdcaa933fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 93 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ce814f4106bda7deaa74fe31f9773d5a69254662cfef51e5b176e11100946186

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 91 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53f454f9a783c84eda9c83f8ddbcd67a2558646765f664ee22393ad89cc90486

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ezcl.webp Show response
www.teamtruebeauty.com/utilcave_com/inc/ 1 KB
691 B 52ms
51ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.teamtruebeauty.com/utilcave_com/inc/ezcl.webp?cb=4
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
content-encoding: br
x-sol: middleton
server: nginx
display: staticcontent_sol
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: staticcontent_sol
cache-control: max-age=86400
content-length: 605

GET
H2 200 octocurl-review-01-300x275.jpg
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2022/04/ 6 KB
6 KB 70ms
58ms Image
image/webp 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2022/04/octocurl-review-01-300x275.jpg
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820781b9180e87a5f79b1019518d53035ed95da219d0ca8305a50bd342138f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
cf-cache-status: HIT
age: 51051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6370
last-modified: Tue, 19 Jul 2022 16:57:51 GMT
server: cloudflare
etag: "62d6e28f-1971"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 72e35db67eac90ba-FRA
link: <https://www.teamtruebeauty.com/wp-content/uploads/2022/04/octocurl-review-01-300x275.jpg>; rel="canonical"

GET
H2 200 AdobeStock_175895083-300x164.jpg
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2021/11/ 5 KB
5 KB 70ms
58ms Image
image/webp 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2021/11/AdobeStock_175895083-300x164.jpg
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c3d0bccc2ac541b4e08e6c2d4e46c4d9cb2988495a36ad61502e99660ebd532

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
cf-cache-status: HIT
age: 51049
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5462
last-modified: Tue, 19 Jul 2022 16:57:51 GMT
server: cloudflare
etag: "62d6e28f-15e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 72e35db68eaf90ba-FRA
link: <https://www.teamtruebeauty.com/wp-content/uploads/2021/11/AdobeStock_175895083-300x164.jpg>; rel="canonical"

GET
H2 200 274917672_10228402299264870_3736760490853647485_n.jpg
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2022/03/ 177 KB
177 KB 48ms
36ms Image
image/webp 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/2022/03/274917672_10228402299264870_3736760490853647485_n.jpg
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5ce03dbe69b56d6571d0a152fab8217083cbbab66a4a34bff0be31842d5200e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
cf-cache-status: HIT
age: 51051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 180870
last-modified: Tue, 19 Jul 2022 16:57:53 GMT
server: cloudflare
etag: "62d6e291-2c32c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000, public
accept-ranges: bytes
cf-ray: 72e35db67eab90ba-FRA
link: <https://www.teamtruebeauty.com/wp-content/uploads/2022/03/274917672_10228402299264870_3736760490853647485_n.jpg>; rel="canonical"

GET
H2 200 imp.gif Show response
www.teamtruebeauty.com/detroitchicago/ 43 B
118 B 31ms
30ms XHR
image/gif 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.teamtruebeauty.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A0%2C%22ad_lazyload_version%22%3A0%2C%22ad_load_version%22%3A0%2C%22city%22%3A%22Dortmund%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22domain_id%22%3A363648%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A2%2C%22ezcache_skip_code%22%3A0%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A0%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%22%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%22a70a8968-8f7b-449e-41b5-9ef4e6d995ed%22%2C%22position_selection_id%22%3A0%2C%22postal_code%22%3A%2244263%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A189712%2C%22response_time_orig%22%3A10%2C%22serverid%22%3A%2218.192.101.15%3A21260%22%2C%22state%22%3A%22NW%22%2C%22t_epoch%22%3A1658400525%2C%22template_id%22%3A120%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.teamtruebeauty.com%2F%22%2C%22user_id%22%3A0%2C%22word_count%22%3A517%2C%22worst_bad_word_level%22%3A0%7D&ez_orig=1
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y21-3y2d-4y55-1&cmbcb=90&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2dx55
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 20 Jul 2022 10:48:43 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 117ms
23ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/detroitchicago/cmbv2.js?gcb=195-0&cb=04-1y02-5y06-12y07-1y19-6y0b-5y0d-16y13-3y17-4y1c-2y21-3y2d-4y55-1&cmbcb=90&sj=x04x02x06x07x19x0bx0dx13x17x1cx21x2dx55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
content-encoding: gzip
etag: "77f5L8LR6ldZZZ+q4Q+xaw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 28 Jul 2022 10:48:45 GMT

GET
H2 200 cmbdv2.js Show response
www.teamtruebeauty.com/detroitchicago/ 43 KB
10 KB 34ms
34ms Script
application/javascript 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.teamtruebeauty.com/detroitchicago/cmbdv2.js?gcb=195-0&cb=03-5y0c-5y18-4&cmbcb=90&sj=x03x0cx18
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7a4cd340ec622c833033a53d80bd6f9a51e8facbac6e4df267c035c749cc1d78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 cl.gif
www.teamtruebeauty.com/detroitchicago/ 43 B
77 B 24ms
24ms Image
image/gif 18.159.80.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.teamtruebeauty.com/detroitchicago/cl.gif?pvID=a70a8968-8f7b-449e-41b5-9ef4e6d995ed&dID=363648
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.159.80.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-80-129.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
content-encoding: br
server: nginx
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-length: 47
expires: Wed, 20 Jul 2022 10:48:45 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/ 338 KB
120 KB 104ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8437179536443777&plah=www.teamtruebeauty.com&bust=31068511

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8437179536443777

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbebd489eb798ec04a382981d995d0232ea460b786225c08cf366e9a06cd7913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121953
x-xss-protection: 0
server: cafe
etag: 4715876515668967535
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 10:48:45 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/ Frame D32A 10 KB
5 KB 77ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220719/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8437179536443777

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.teamtruebeauty.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 44325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 22:30:00 GMT
etag: 8616628553774171045
expires: Wed, 03 Aug 2022 22:30:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
447 B 86ms
24ms Script
application/javascript 2600:9000:225f:7200:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:7200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 05:10:00 GMT
via: 1.1 b856a1aa27e94fb19383ead3883c0db4.cloudfront.net (CloudFront)
age: 20327
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: TXL50-P2
accept-ranges: bytes
x-amz-cf-id: doLTCz3hOk1qG00doWhvDQfAxG1palEbm3gvljjjPV_3EnCO-yi09Q==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 222 B
653 B 92ms
30ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.teamtruebeauty.com&callback=_gfp_s_&client=ca-pub-8437179536443777

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8437179536443777&plah=www.teamtruebeauty.com&bust=31068511

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

215280e5427626180d7bd6bab360d651774c61545e9ed7600d856d14869e1e35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 209
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 85ms
32ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.teamtruebeauty.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 10:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 86ms
32ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.teamtruebeauty.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 10:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D4C3 90 KB
17 KB 532ms
486ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8437179536443777&output=html&adk=1812271804&adf=3025194257&lmt=1658400526&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.teamtruebeauty.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1658400525886&bpp=4&bdt=180&idt=184&shv=r20220719&mjsv=m202207140101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6891421530851&frm=20&pv=2&ga_vid=1630929853.1658400526&ga_sid=1658400526&ga_hid=2037573864&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763506%2C44761793%2C31068511&oid=2&pvsid=3643848070417044&tmod=819485057&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=203

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44e68374863f68e6123b499f69bf73c22336120ab9f7a89fba5085f837e5dbeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.teamtruebeauty.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 16912
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 10:48:46 GMT
expires: Thu, 21 Jul 2022 10:48:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pixel;r=1983739658;labels=Domain.teamtruebeauty_com%2CDomainId.363648;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.teamtruebeauty.com%2F;uht=2;fpan=1;fpa=P0-579741825-1658400526093;pbc=;ns=0;ce=1;q...
pixel.quantserve.com/ 35 B
371 B 36ms
27ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1983739658;labels=Domain.teamtruebeauty_com%2CDomainId.363648;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fwww.teamtruebeauty.com%2F;uht=2;fpan=1;fpa=P0-579741825-1658400526093;pbc=;ns=0;ce=1;qjs=1;qv=623fd1d5-20220713234410;cm=;gdpr=0;ref=;d=teamtruebeauty.com;dst=0;et=1658400526093;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.Home%20%7C%20Team%20True%20Beauty%2Curl.https%3A%2F%2Fwww%252Eteamtruebeauty%252Ecom%2F%2Csite_name.Team%20True%20Beauty%2Cimage.https%3A%2F%2Fwww%252Eteamtruebeauty%252Ecom%2Fwp-content%2Fuploads%2F2018%2F04%2FA0055395_orderMock_090%2Cimage%3Asecure_url.https%3A%2F%2Fwww%252Eteamtruebeauty%252Ecom%2Fwp-content%2Fuploads%2F2018%2F04%2FA0055395_orderMock_090%2Cimage%3Awidth.1080%2Cimage%3Aheight.727%2Cimage%3Aalt.Team%20True%20Beauty%2Cimage%3Atype.image%2Fjpeg

Requested by

Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 10:48:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/ 150 KB
54 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207140101/reactive_library_fy2019.js?bust=31068511

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54bc1741ff491bd9a6b58a1e8ff187a48366cf95cb0f78391bdb3382495cc5fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54821
x-xss-protection: 0
server: cafe
etag: 4679237515885940558
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Jul 2022 10:48:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 80ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.teamtruebeauty.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 10:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 78ms
31ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.teamtruebeauty.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 10:48:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/ Frame F49E 10 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.teamtruebeauty.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 40128
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 20 Jul 2022 23:39:58 GMT
etag: 8616628553774171045
expires: Wed, 03 Aug 2022 23:39:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012207071723000/ Frame F49E 220 KB
60 KB 125ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 44966
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61513
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 22:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a40ea3ab2445e497"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 22:19:20 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame F49E 14 KB
6 KB 103ms
21ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 42002
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5205
x-xss-protection: 0
server: sffe
date: Wed, 20 Jul 2022 23:08:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ecf6d7700179f984"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 20 Jul 2023 23:08:44 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame F49E 94 KB
28 KB 147ms
66ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-analytics-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 214822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28819
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 23:08:24 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9ca8eecb6dce4cd9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 23:08:24 GMT

GET
H2 200 amp-carousel-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame F49E 32 KB
10 KB 104ms
24ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-carousel-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27039e2f6198a1703cf8fe717dde4ff6a4e71e792dfb72c7f60714887177202c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 23180
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10088
x-xss-protection: 0
server: sffe
date: Thu, 21 Jul 2022 04:22:26 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "7b2076e98fad310e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Jul 2023 04:22:26 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame F49E 5 KB
2 KB 109ms
29ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-fit-text-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 29411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1910
x-xss-protection: 0
server: sffe
date: Thu, 21 Jul 2022 02:38:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4aeabff663ac872e"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 21 Jul 2023 02:38:35 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame F49E 40 KB
13 KB 110ms
30ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-form-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 237298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12946
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:53:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "10eeb975567515a5"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:53:48 GMT

GET
H2 200 amp-gwd-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012207071723000/v0/ Frame F49E 6 KB
3 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/v0/amp-gwd-animation-0.1.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a086cc4792220860782022b6782c496bea5e23b4585a493ae049747ab521a214

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 237286
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2449
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:54:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "a280f7ae5bcb1d14"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:54:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F49E 5 KB
1 KB 93ms
34ms Stylesheet
text/css 2a00:1450:400e:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Bitter:700,600|Barlow:600,700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63e0c5341b40688c78fab1dff3eb4c2cd1ccef13ca535fbe8400778e74961d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 21 Jul 2022 10:41:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 21 Jul 2022 10:48:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 21 Jul 2022 10:48:46 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F49E 2 KB
3 KB 90ms
23ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:48:35 GMT
x-content-type-options: nosniff
server: cafe
age: 3611
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Fri, 22 Jul 2022 09:48:35 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F49E 295 B
756 B 87ms
21ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 09:55:02 GMT
x-content-type-options: nosniff
server: cafe
age: 3224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 22 Jul 2022 09:55:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F49E 0
21 B 65ms
65ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C1S2aDi_ZYvXzCb6P7_UP46qt8AKOyMSIa96Hp7zuD7fpor3AARABIKngqVFglbKVgqQHyAEJqQJNaAUPoiCxPqgDAcgDCKoE4AFP0C8eZz-gprjNyvD1pj9wpo4BWMtOE0sYq0EQElTyD_Cr5zrRiZXVgNuESlo_PZ0drPS4uQVPHIngVVLDZC9PRnTRo4zeGM4UyAjNUklizfYvBdkIGRy93FIArQrpdykuXgrV-zklU-RTV-amhlBssUrSe2oIjlj46lynVT5FpELVBpA3XZ-RwZcjs3ANnphgBbTX97OoXQZHBBkxxgqJQTOKQch2m1W1HRfu9GW0HH69NbE_mjCJKrH5fLVsQkq1v1hbGgh4f9VIOIH3ufe29tICq2r3_sx56L7xhzwIM8AE5fDbuvoDkgUECAQYAZIFBAgFGASgBi6AB5z90WOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBRDB9bUB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItODQzNzE3OTUzNjQ0Mzc3NxgA&sigh=Y3_uWPKx7z8&uach_m=[UACH]&template_id=419

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 21 Jul 2022 10:48:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 21 Jul 2022 10:48:46 GMT

GET
H2 200 728x90_00.jpg
tpc.googlesyndication.com/sadbundle/15770826273504416802/ Frame F49E 34 KB
34 KB 90ms
24ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/15770826273504416802/728x90_00.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220719/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb6cc9e2b088001f70c8a724fc85d280a94b1faacbc0f989996a02360d80be4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 07:56:42 GMT
x-content-type-options: nosniff
age: 269524
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34847
x-xss-protection: 0
last-modified: Mon, 09 May 2022 07:38:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 18 Jul 2023 07:56:42 GMT

GET
DATA 200
OK truncated
/ Frame F49E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9f3651f19a6d8fb702e3340d59ffeb3233134720f35e3f7df6212d241a30b35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012207071723000/ 23 KB
8 KB 70ms
23ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012207071723000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

674eae0be0bae4c3d6a1e60843fa7f4d8d940f76118b2ac2a3208ef17c6bfab0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 237289
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7855
x-xss-protection: 0
server: sffe
date: Mon, 18 Jul 2022 16:53:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "edded153d60ffda4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 18 Jul 2023 16:53:58 GMT

GET
H3 200 rax8HiqOu8IVPmn7f4xp.woff2
fonts.gstatic.com/s/bitter/v28/ Frame F49E 30 KB
30 KB 67ms
23ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/bitter/v28/rax8HiqOu8IVPmn7f4xp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:700,600|Barlow:600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c470360f2548fb327562d8ce35185a96f59ab6daeb56c0d45ab712b63de848da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Wed, 20 Jul 2022 10:48:18 GMT
x-content-type-options: nosniff
age: 86429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30896
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:46:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Jul 2023 10:48:18 GMT

GET
H3 200 7cHqv4kjgoGqM7E30-8s51os.woff2
fonts.gstatic.com/s/barlow/v12/ Frame F49E 21 KB
21 KB 70ms
26ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/barlow/v12/7cHqv4kjgoGqM7E30-8s51os.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Bitter:700,600|Barlow:600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Tue, 19 Jul 2022 22:25:40 GMT
x-content-type-options: nosniff
age: 130987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21796
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:35:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Jul 2023 22:25:40 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 87ms
41ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220719&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a50b2c9a622e45ab3a8c42f4fbef23aa04a7c8b0c69bc3d76dc851404dfdce3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 21 Jul 2022 10:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11048
x-xss-protection: 0

POST
H2 200 /
to.getnitropack.com/ 20 B
469 B 186ms
95ms Ping
text/html 84.17.46.53
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://to.getnitropack.com/

Requested by

Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

84.17.46.53 Amsterdam, Netherlands, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

unn-84-17-46-53.cdn77.com

Software

BunnyCDN-AMS-879 / PHP/7.3.33

Resource Hash

a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.teamtruebeauty.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySXBdBzQsItA3qYSB

Response headers

date: Thu, 21 Jul 2022 10:48:47 GMT
content-encoding: none
cdn-edgestorageid: 879
x-powered-by: PHP/7.3.33
cdn-cachedat: 07/21/2022 10:48:47
cdn-pullzone: 234442
content-length: 20
server: BunnyCDN-AMS-879
cdn-proxyver: 1.02
cdn-requestpullcode: 200
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cdn-uid: b7e07321-6c82-48dc-b332-ec6b5d5d2a32
cache-control: public, max-age=0
cdn-requestid: 933973d4cc592dbead9c7af78af05ec3
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 82ms
34ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 10:48:47 GMT

GET
H3 200 nitro-min-noimport-2e79ba4c00fc1521229e3d16c8b28600-stylesheet.css
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/ 87 KB
12 KB 61ms
36ms Stylesheet
text/css 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-2e79ba4c00fc1521229e3d16c8b28600-stylesheet.css
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93b795eb97f8855c857fe00bd26e590b0470b408eb2b68401004b714df42ee2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 16:57:53 GMT
server: cloudflare
age: 140239
etag: W/"62d6e291-15dba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
link: <https://www.teamtruebeauty.com/combinedCss/2e79ba4c00fc1521229e3d16c8b28600-stylesheet.css>; rel="canonical"
cf-ray: 72e35dbf5c029090-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nitro-min-noimport-6ebb6e7f149fe125bf016883957a9dab-stylesheet.css
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/ 1 MB
133 KB 78ms
54ms Stylesheet
text/css 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-6ebb6e7f149fe125bf016883957a9dab-stylesheet.css
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecc7f3abf0d8259d81d4dc6974bb19d5a5847d85240b39a26c550ee7c9ea8849

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 16:57:53 GMT
server: cloudflare
age: 140239
etag: W/"62d6e291-132192"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
link: <https://www.teamtruebeauty.com/combinedCss/6ebb6e7f149fe125bf016883957a9dab-stylesheet.css>; rel="canonical"
cf-ray: 72e35dbf5bfe9090-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 nitro-min-noimport-b3b4d32b4b3a1e17c28198e6814cd416-stylesheet.css
cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/ 37 KB
9 KB 60ms
36ms Stylesheet
text/css 2606:4700::6812:1690
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-b3b4d32b4b3a1e17c28198e6814cd416-stylesheet.css
Requested by: Host: www.teamtruebeauty.com
URL: https://www.teamtruebeauty.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1690 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6009369e34039cb9b1f2596bb9aea75b6fa9e910ab4ab084b0a1bb3d1379d080

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 19 Jul 2022 16:57:53 GMT
server: cloudflare
age: 140239
etag: W/"62d6e291-956b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000, public
link: <https://www.teamtruebeauty.com/combinedCss/b3b4d32b4b3a1e17c28198e6814cd416-stylesheet.css>; rel="canonical"
cf-ray: 72e35dbf5c039090-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A255 13 KB
5 KB 26ms
26ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.teamtruebeauty.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2110
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 10:13:37 GMT
expires: Fri, 21 Jul 2023 10:13:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 535A 783 B
1 KB 84ms
33ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

61419eba228de300665d2a85b45cee72611993e80d711648c10043626ee72caf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L-Xd1pYia7_aUiaeRpCgQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.teamtruebeauty.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-L-Xd1pYia7_aUiaeRpCgQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 21 Jul 2022 10:48:47 GMT
expires: Thu, 21 Jul 2022 10:48:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js Show response
pagead2.googlesyndication.com/bg/ Frame A255 36 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hAcQ1HJPiWed0xS-2rpeDcqHSonjWYPwT2sC_KX0O-Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:13:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2109
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13821
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 21 Jul 2023 10:13:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 535A 0
0 71ms
70ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220719&jk=3643848070417044&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A255 0
9 B 22ms
22ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c901uA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

date: Thu, 21 Jul 2022 10:48:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 69ms
68ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220719&jk=3643848070417044&bg=!qqmlqe3NAAZlvz3gRb87ACkAdvg8WjRYX8DN_iAAJEAFzdZWow0iGQiD48iWm8jOO0TQT_aU2JMw6AIAAACnUgAAAARoAQeZAqi44dR3qgotCvXU2DP7yLjyT11L4isuLug8bEwLhAyPl0WXqr8ktz5Bi9HEKrLKGKT_5G8FTps6ATwL7K95T5_D5T3Kn0CEx6eJIxh_4qASL-r2hUv6Frju5IA9J07c6FlXSZLXNsbWvApzdgcbkT9t2DC7p_M0ha4YX6eNnR6Vf--WC9pISZ4ZZDB94CzoOGb4zFfjGdi8fS8WyVf2dkoXOBSqVUc4w20PpYGDYBeaxWWgJhh4WEoRCY2R90DS6nCk_LaiBl34Pziib2HWAW1mwU0hnr4t3UTfp7bK2PdMtjGLbHhajJRUxtoPWtQXH06oCTxcH-N1HhkBhBtRgGQCS4T18fUdn2xy-uEN8LmbbvfsDCOPGSM2WIYIKoCM10h8hWvnzq4q2lgFDqhB_fx7_qLrpYxBqw613ODg7chr-sHi0VJDa6TYGvPZGml8qOaTJgtQcxdE3sZbkTgU3Pj25l9p52ngwJrlteJoRNS_AsLrgJ9A23KbM98-7tTKQq1KyEu3dV67I8yYbPk_t35dj0aJatsYxo6xYvQIIuul4yzMNblE24Ql6nmDh1000KRG2ney_-uCo7fBfqQEcoDVa8gQ_6xyP8EvgMXo7qeaR3R9Zm0JrZItv5ukO5SgFBSJwlgr8kStgxrgc9tRagDKb2TOTJyQjqHPVc1MjWWxd9tv4nH1b9W2BmltSIuLfgKMsYN7uNbqR_zBLVzbbU3xtvqAudYhGSAVL9RJcfN5j_gMrUVZGvoItktHmdMmHBZfthYlRSEtjrCx2BCNZAFKia53NfUV-VXyM3p_bp-tv1nA91-cDmZV9MojLNyOthnAZGH5udhW-gUAtfjwK5WpoDAp5xOZbgB6lTyZjGX34ORhPVtcNUkFH-lnH_ziG6oQHC4VThx_Mg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.teamtruebeauty.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F49E 42 B
64 B 57ms
57ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQ6cTcYfZKDGnZBUGPHKqRE2GM0-fh6yzetYIyJh9DwjbwBM0I27cR8wdgd1zh1Pmn09roz2Xku_kiJdj1OrXb5JyjLuLopP-d3tBJP6XJmaosKLcDPbkrMkm_&sai=AMfl-YQxXb7Q4pvFc71QK62bIBB4ivCyS8S489zp6q-2l_VyWhGi8rbb4fXXnwSDP-pQVZL4o3E5jWzocw6V&sig=Cg0ArKJSzG5zFI9rcR2cEAE&id=ampim&o=0,125&d=1005,124&ss=1600,1200&bs=1005,124&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=318&tls=1437&g=55.645161867141724&h=100&tt=1438&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1812271801

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.134 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 21 Jul 2022 10:48:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.teamtruebeauty.com/	1970-01-20 04:40:02	Name: ezoadgid_363648 Value: -1
.teamtruebeauty.com/	1970-01-20 04:40:07	Name: ezoref_363648 Value:
.teamtruebeauty.com/	1970-01-20 13:25:36	Name: ezosuibasgeneris-1 Value: 3dfd7e8b-d70a-4fe3-77e0-d40d1f8419f8
.teamtruebeauty.com/	1970-01-20 04:40:07	Name: ezoab_363648 Value: mod1-c
.teamtruebeauty.com/	1970-01-20 04:40:02	Name: lp_363648 Value: https://www.teamtruebeauty.com/
.teamtruebeauty.com/	1970-01-20 04:42:53	Name: ezovuuidtime_363648 Value: 1658400525
.teamtruebeauty.com/	1970-01-20 04:40:02	Name: ezovuuid_363648 Value: 3bbc2db3-b8fe-4c8c-58e1-154e62866ad5
.teamtruebeauty.com/	1970-01-20 04:40:02	Name: ezopvc_363648 Value: 1
www.teamtruebeauty.com/	1969-12-31 23:59:59	Name: nitroCachedPage Value: 1
.quantserve.com/	1970-01-20 14:10:14	Name: mc Value: 62d92f0e-1cd82-0db37-7f773
.teamtruebeauty.com/	1970-01-20 14:04:29	Name: __qca Value: P0-579741825-1658400526093
.teamtruebeauty.com/	1970-01-20 14:01:36	Name: __gads Value: ID=d76464e3ecbcc6d7-22bf0541d3cd00d7:T=1658400526:RT=1658400526:S=ALNI_MZyTZLm7bdv6EBKU7s6fVX6WpkCrw
.doubleclick.net/	1970-01-20 14:01:36	Name: IDE Value: AHWqTUmoH6ppgynDgUhoAPgDOY1VKdyXa8AMIvs5_ejF7H_kC4Xj03oY2Mcvy0Wc71Y

47 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012207071723000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-2e79ba4c00fc1521229e3d16c8b28600-stylesheet.css
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-6ebb6e7f149fe125bf016883957a9dab-stylesheet.css
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-b3b4d32b4b3a1e17c28198e6814cd416-stylesheet.css
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: css-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-2e79ba4c00fc1521229e3d16c8b28600-stylesheet.css
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: css-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-6ebb6e7f149fe125bf016883957a9dab-stylesheet.css
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: css-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/combinedCss/nitro-min-noimport-b3b4d32b4b3a1e17c28198e6814cd416-stylesheet.css
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/jquery/nitro-min-af6cb5bfb91ce2d78377e57c8d18ffc0.jquery.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/jquery/nitro-min-d6171631e2919215b5e490dc93564c56.jquery-migrate.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/gravityforms/js/nitro-min-72e63a96e64001af455270c6885107c4.jquery.json.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/gravityforms/js/nitro-min-72e63a96e64001af455270c6885107c4.gravityforms.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://www.googletagmanager.com/gtag/js?id=G-0FZ7SQSDHT
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/nitro-min-58e32f528e53a9f348bb26966398460408b90b92.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/Badges/nitro-min-DMCABadgeHelper.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/link-whisper-premium/js/nitro-min-fa3f293db98cc47100a1e874591a2838.frontend.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/vendor/nitro-min-39373f825d7812e4c0eff141ce43ad5b.regenerator-runtime.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/vendor/nitro-min-2c7cef87d91a8c32817cef0915f9141b.wp-polyfill.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/nitro-min-9aec28032826eecc66baf34f3ebbaa8d.dom-ready.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/nitro-min-cbb5d1e91b9a8417d86bfeb314daa78c.hooks.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/nitro-min-771a52b4530a27e460955a3b4445cf21.i18n.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/nitro-min-416f5dafd506a74514921c10cdc332ee.a11y.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/desktop/optimized/rev-f4f3cc6/gsi/nitro-min-d41d8cd98f00b204e9800998ecf8427e.client
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/essential-addons-elementor/nitro-min-d41d8cd98f00b204e9800998ecf8427e.734e5f942.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/lazy-load-for-videos/public/js/nitro-min-979bdb0618d80797eb90a766da500c8e.lazyload-shared.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/lazy-load-for-videos/public/js/nitro-min-979bdb0618d80797eb90a766da500c8e.lazyload-youtube.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/lazy-load-for-videos/public/js/nitro-min-979bdb0618d80797eb90a766da500c8e.lazyload-vimeo.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: Preloading https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/themes/acabado/js/nitro-min-1c969273d8c490bcc8d0a36def257444.app.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/lazy-load-for-videos/public/js/nitro-min-979bdb0618d80797eb90a766da500c8e.lazyload-youtube.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/jquery/nitro-min-af6cb5bfb91ce2d78377e57c8d18ffc0.jquery.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/vendor/nitro-min-39373f825d7812e4c0eff141ce43ad5b.regenerator-runtime.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/jquery/nitro-min-d6171631e2919215b5e490dc93564c56.jquery-migrate.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/nitro-min-cbb5d1e91b9a8417d86bfeb314daa78c.hooks.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/vendor/nitro-min-2c7cef87d91a8c32817cef0915f9141b.wp-polyfill.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/lazy-load-for-videos/public/js/nitro-min-979bdb0618d80797eb90a766da500c8e.lazyload-shared.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/lazy-load-for-videos/public/js/nitro-min-979bdb0618d80797eb90a766da500c8e.lazyload-vimeo.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/themes/acabado/js/nitro-min-1c969273d8c490bcc8d0a36def257444.app.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/nitro-min-416f5dafd506a74514921c10cdc332ee.a11y.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/nitro-min-771a52b4530a27e460955a3b4445cf21.i18n.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/link-whisper-premium/js/nitro-min-fa3f293db98cc47100a1e874591a2838.frontend.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/gravityforms/js/nitro-min-72e63a96e64001af455270c6885107c4.gravityforms.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/nitro-min-58e32f528e53a9f348bb26966398460408b90b92.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/desktop/optimized/rev-f4f3cc6/gsi/nitro-min-d41d8cd98f00b204e9800998ecf8427e.client
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/Badges/nitro-min-DMCABadgeHelper.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-includes/js/dist/nitro-min-9aec28032826eecc66baf34f3ebbaa8d.dom-ready.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/uploads/essential-addons-elementor/nitro-min-d41d8cd98f00b204e9800998ecf8427e.734e5f942.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://cdn-fbndh.nitrocdn.com/MbUbJzhwnSONNAtyfGqcnSeZrPvQxcet/assets/static/optimized/rev-f4f3cc6/wp-content/plugins/gravityforms/js/nitro-min-72e63a96e64001af455270c6885107c4.jquery.json.min.js
worker	info	URL: blob:https://www.teamtruebeauty.com/e0e60b8e-5a44-4ac9-8883-566deb6f9fed Message: js-preload DONE: https://www.googletagmanager.com/gtag/js?id=G-0FZ7SQSDHT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn-fbndh.nitrocdn.com
cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.quantserve.com
rules.quantcount.com
secure.quantserve.com
to.getnitropack.com
tpc.googlesyndication.com
www.google.com
www.teamtruebeauty.com
142.250.186.66
18.159.80.129
2600:9000:225f:7200:6:44e3:f8c0:93a1
2606:4700::6812:1690
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2001
2a00:1450:400e:80e::200a
84.17.46.53
1c5ad2fd42dffdf04a0f1d757c1cccb4d840218d7ecada79d6cc9db33ca40319
1f60719cc1c4f7974db6a3ca88ee057918d2b9b493db476cd00ec68a83bc0daa
215280e5427626180d7bd6bab360d651774c61545e9ed7600d856d14869e1e35
27039e2f6198a1703cf8fe717dde4ff6a4e71e792dfb72c7f60714887177202c
2b14e8397d552f351a4396dec25ec5da1348865683100e94c4ab0faea4a9a254
339be152a2399ee136d14d580bf4af802532288abd004db246c63f264d6b7e6e
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3bd651a75b41ffd685e205862db2da8e5e758f8a34141738ec0450b60b8d861a
404e1c6e99403a4442497b1c0405949133763189f564110d0863a274c4fa2634
44e68374863f68e6123b499f69bf73c22336120ab9f7a89fba5085f837e5dbeb
4a50b2c9a622e45ab3a8c42f4fbef23aa04a7c8b0c69bc3d76dc851404dfdce3
53f454f9a783c84eda9c83f8ddbcd67a2558646765f664ee22393ad89cc90486
54bc1741ff491bd9a6b58a1e8ff187a48366cf95cb0f78391bdb3382495cc5fa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
574d9c501654d592fb31796d8269e48880618cc7d4b55d424286b50fe6b7aacc
5d466e0e01eac216b28b07012042dcd8391c0929fe4825d25f4051885afd6cfc
6009369e34039cb9b1f2596bb9aea75b6fa9e910ab4ab084b0a1bb3d1379d080
61419eba228de300665d2a85b45cee72611993e80d711648c10043626ee72caf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63e0c5341b40688c78fab1dff3eb4c2cd1ccef13ca535fbe8400778e74961d4b
674eae0be0bae4c3d6a1e60843fa7f4d8d940f76118b2ac2a3208ef17c6bfab0
71725e55a3804be02a725592cef01f3abbae652f3a0ddf1f585bef1ccb2e3c7f
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0
7a4cd340ec622c833033a53d80bd6f9a51e8facbac6e4df267c035c749cc1d78
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
820781b9180e87a5f79b1019518d53035ed95da219d0ca8305a50bd342138f0e
840710d4724f89679dd314bedaba5e0dca874a89e35983f04f6b02fca5f43be4
8c40f530a22a982117388d12fd3d0cd3ef96762aed2cde710b086d6c34e7912d
93b795eb97f8855c857fe00bd26e590b0470b408eb2b68401004b714df42ee2e
9c3d0bccc2ac541b4e08e6c2d4e46c4d9cb2988495a36ad61502e99660ebd532
a086cc4792220860782022b6782c496bea5e23b4585a493ae049747ab521a214
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
aa1bd2cbc3098057cdc42d522baf5c8ad211a9d10741e881c64e41cdcaa933fb
aa497572a264f0a35be76178b2ef71de981199be53af1c4608d592947f5c2e97
bd21cde0239505096938a47eb2ca3b64446e47ec500773bae4f55f71ec983a5e
c470360f2548fb327562d8ce35185a96f59ab6daeb56c0d45ab712b63de848da
c9f3651f19a6d8fb702e3340d59ffeb3233134720f35e3f7df6212d241a30b35
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbebd489eb798ec04a382981d995d0232ea460b786225c08cf366e9a06cd7913
ce814f4106bda7deaa74fe31f9773d5a69254662cfef51e5b176e11100946186
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
dafa3ce4de4cc56876b0fc6c36628fbcade9f4b07d7f27e4ca67744d91b2beb7
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
e35c6a6643cd9c96f769012c6f5cfaa7665e1e687ed0840ecf43d63344f3f40c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ce03dbe69b56d6571d0a152fab8217083cbbab66a4a34bff0be31842d5200e
eb6cc9e2b088001f70c8a724fc85d280a94b1faacbc0f989996a02360d80be4e
ecc7f3abf0d8259d81d4dc6974bb19d5a5847d85240b39a26c550ee7c9ea8849
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f217f04ae9d792919f5d2b7b95ecbd718521763c6a101fc8848cf264e6375dc0
f4d3eafaf26912ddf3fcbda012c6ab84ee03420313f73324e14edf73382766cf
fa4ea8e54139dd16f73e5a3aca1e036ae5699fd2a2da1fe7bb6c5b59caca7674

www.teamtruebeauty.com Open in urlscan Pro 18.159.80.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

98 %HTTPS

80 %IPv6

13 Domains

16 Subdomains

16 IPs

4 Countries

993 kBTransfer

3275 kBSize

13 Cookies

2 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.teamtruebeauty.com Open in urlscan Pro
18.159.80.129 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

98 %
HTTPS

80 %
IPv6

13
Domains

16
Subdomains

16
IPs

4
Countries

993 kB
Transfer

3275 kB
Size

13
Cookies

57 HTTP transactions
8 data transactions