Submitted URL: http://untoldtea.com/
Effective URL: https://untoldtea.com/
Submission: On August 10 via api from US — Scanned from DE

Summary

This website contacted 44 IPs in 7 countries across 34 domains to perform 223 HTTP transactions. The main IP is 2606:4700:7::a29f:872a, located in United States and belongs to CLOUDFLARENET, US. The main domain is untoldtea.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2022. Valid for: a year.
This is the only time untoldtea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 32 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 18.66.112.102 16509 (AMAZON-02)
5 2600:9000:249... 16509 (AMAZON-02)
24 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
7 44.224.187.254 16509 (AMAZON-02)
1 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 33 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2600:9000:206... 16509 (AMAZON-02)
5 8 2a00:1450:400... 15169 (GOOGLE)
1 2 2620:116:800d... 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
4 4 104.96.159.57 16625 (AKAMAI-AS)
11 142.250.186.162 15169 (GOOGLE)
2 35.186.253.211 15169 (GOOGLE)
2 185.64.190.78 62713 (AS-PUBMATIC)
2 2 69.173.144.139 26667 (RUBICONPR...)
3 3 104.18.19.126 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 18.195.201.66 16509 (AMAZON-02)
2 34.98.67.61 15169 (GOOGLE)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 18.195.92.58 16509 (AMAZON-02)
1 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
1 2a02:26f0:f70... 20940 (AKAMAI-ASN1)
4 2a02:26f0:ea:... 20940 (AKAMAI-ASN1)
4 3.221.12.160 14618 (AMAZON-AES)
1 54.145.157.73 14618 (AMAZON-AES)
6 2600:9000:223... 16509 (AMAZON-02)
2 2 185.89.210.141 29990 (ASN-APPNEX)
1 35.172.49.77 14618 (AMAZON-AES)
4 35.157.246.167 16509 (AMAZON-02)
2 52.57.79.170 16509 (AMAZON-02)
2 104.17.120.107 13335 (CLOUDFLAR...)
223 44
Apex Domain
Subdomains
Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
1017 KB
35 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
195 KB
32 untoldtea.com
untoldtea.com
981 KB
24 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 21328
static.avantisvideo.com — Cisco Umbrella Rank: 21877
events1.avantisvideo.com — Cisco Umbrella Rank: 20158
cdn1.avantisvideo.com — Cisco Umbrella Rank: 25331
avm.avantisvideo.com — Cisco Umbrella Rank: 22033
content1.avantisvideo.com — Cisco Umbrella Rank: 39516
878 KB
15 gstatic.com
fonts.gstatic.com
www.gstatic.com
195 KB
11 aniview.com
play.aniview.com — Cisco Umbrella Rank: 15151
player.aniview.com — Cisco Umbrella Rank: 1567
track1.aniview.com — Cisco Umbrella Rank: 1647
go1.aniview.com — Cisco Umbrella Rank: 4734
sync.aniview.com — Cisco Umbrella Rank: 2403
211 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
259 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
5 KB
4 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 910
212 B
4 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1751
3 KB
4 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4423
k.p-n.io — Cisco Umbrella Rank: 2855
58 KB
3 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
3 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2742
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
154 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
129 KB
2 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2731
2 KB
2 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2634
313 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 462
2 KB
2 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 925
462 B
2 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
921 B
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 636
207 B
2 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
416 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 611
107 B
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1083
793 B
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
914 B
1 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 11018
71 KB
1 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1388
296 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 568
763 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
646 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 731
14 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
30 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 951
13 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
223 34
Domain Requested by
33 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
32 untoldtea.com 1 redirects untoldtea.com
code.jquery.com
23 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
untoldtea.com
17 pagead2.googlesyndication.com untoldtea.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
11 cm.g.doubleclick.net untoldtea.com
googleads.g.doubleclick.net
10 www.gstatic.com googleads.g.doubleclick.net
8 www.google.com 5 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
7 events1.avantisvideo.com untoldtea.com
6 content1.avantisvideo.com player.avplayer.com
6 www.googletagservices.com googleads.g.doubleclick.net
6 fonts.googleapis.com untoldtea.com
googleads.g.doubleclick.net
5 fonts.gstatic.com fonts.googleapis.com
4 c2shb.pubgw.yahoo.com player.aniview.com
4 track1.aniview.com player.aniview.com
4 player.aniview.com cdn.avantisvideo.com
player.aniview.com
4 e.dlx.addthis.com 4 redirects
4 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 cdn.avantisvideo.com www.googletagmanager.com
cdn.avantisvideo.com
3 ssum-sec.casalemedia.com 3 redirects
3 www.googletagmanager.com untoldtea.com
www.googletagmanager.com
3 cdnjs.cloudflare.com untoldtea.com
cdnjs.cloudflare.com
2 biddr.brealtime.com player.aniview.com
2 hb.emxdgt.com player.aniview.com
2 secure.adnxs.com 2 redirects
2 k.p-n.io cdn.p-n.io
2 odr.mookie1.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 pixel.rubiconproject.com 2 redirects
2 image6.pubmatic.com googleads.g.doubleclick.net
2 rtb.openx.net googleads.g.doubleclick.net
2 id.rlcdn.com googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 static.avantisvideo.com cdn.avantisvideo.com
2 cdn.p-n.io www.googletagmanager.com
cdn.p-n.io
1 sync.aniview.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 player.avplayer.com cdn.avantisvideo.com
1 play.aniview.com cdn.avantisvideo.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ag.innovid.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 maxcdn.bootstrapcdn.com untoldtea.com
1 code.jquery.com untoldtea.com
1 use.fontawesome.com untoldtea.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
223 50

This site contains links to these domains. Also see Links.

Domain
socialsnap.com
Subject Issuer Validity Valid
untoldtea.com
Cloudflare Inc ECC CA-3
2022-07-05 -
2023-07-04
a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-06 -
2023-06-05
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2021-07-14 -
2022-08-14
a year crt.sh
upload.video.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
pushlycdn.com
Amazon
2022-02-14 -
2023-03-15
a year crt.sh
*.avantisvideo.com
Amazon
2021-11-24 -
2022-12-22
a year crt.sh
*.googleadservices.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.de
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.google.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2022-07-18 -
2022-10-10
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2021-09-22 -
2022-09-21
a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA
2022-02-03 -
2023-02-25
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2022-06-13 -
2023-07-14
a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1
2022-02-24 -
2023-03-27
a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1
2022-03-15 -
2023-04-15
a year crt.sh
*.p-n.io
Amazon
2022-01-10 -
2023-02-06
a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA
2021-12-30 -
2023-01-03
a year crt.sh
outstreamedia.com
R3
2022-07-17 -
2022-10-15
3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2022-08-02 -
2023-01-25
6 months crt.sh
*.emxdgt.com
Amazon
2022-06-02 -
2023-07-01
a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2
2022-01-21 -
2023-02-22
a year crt.sh

This page contains 30 frames:

Primary Page: https://untoldtea.com/
Frame ID: AE195940FF01E1EB487DB3647C8CCDAB
Requests: 97 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Frame ID: C8D9C8043DC990A8C62372C166DCE0B2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&adk=1812271804&adf=3025194257&lmt=1660136894&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funtoldtea.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893898&bpp=6&bdt=525&idt=137&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=230369233632&frm=20&pv=2&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=155
Frame ID: CAFC4AB425B574DF59078AED70E77357
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Frame ID: 788DA6C7A8302E8BB30F0624662D1C27
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0E3FCCBF6D1064433A031DC0142FB1E3
Requests: 2 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: D0A96F31785C915F1AF8C78F0090C58B
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Frame ID: C62D606C60113BBE58BEC7C412F0C7DD
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Frame ID: 6B80C857DF9E9FC0D24552845D9C820F
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Frame ID: 1D62B638EF3410D2FD18EBBAB897BD47
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0503A048FA9A454E47E72101607E7AE8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Frame ID: 2AFB0319D8BB3D1480CE653315DEE499
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 1E23BDE6B5EFE60611A6C8082C9F850F
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 109ED15454CA2DCBEDD427DEDF24F259
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 00471B2DA162D856DA98317428618BFE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 856987D6250384716132623528EE98B3
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: AB4278ECB8BC7B5908963DB63CBB226B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 0F0851A872BDD511E4F750DC8D2EEE9F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9CDC7D080A29AB60E0948112D15D18E0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3FAA57874007EDACB017B9CC940C3B8E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 3712F09200DB2E8E70EB1209FC48D9A1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 30E9B24343063B1FE1A19A3895C79D96
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A9404EE2BDBC318DDD7F684BB1098F11
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 6AA1E69B7773013286E7FA54C7A939E9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Frame ID: 76244900E513836F5124D427E5D141B5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A652D82E43A8C8B6ED403F39A87B79DC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CEB5AF9F1B48F32FD6C5CC44F8D651C
Requests: 2 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Frame ID: 6CC2481501A40DC85BC8A1BADF4E4914
Requests: 4 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660136896827-960872106006-006803-006-002531&biddername=55&key=6838623281319484762
Frame ID: B473FDD21EE40B50127B15E86F8841A4
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: C456B33C2275B6B785E6DEF08A76CEE2
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: D51ED60257E75FD0A2BCDDFD545C6A89
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Untoldtea

Page URL History Show full URLs

  1. http://untoldtea.com/ HTTP 301
    https://untoldtea.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js


Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

223
Requests

95 %
HTTPS

58 %
IPv6

34
Domains

50
Subdomains

44
IPs

7
Countries

4236 kB
Transfer

8856 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://untoldtea.com/ HTTP 301
    https://untoldtea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 101
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 103
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 137
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AJDsxfh4UVG7fGby5G6PV6I1sMZn-vON6xyB2W2cdljBlNMCAvMKUDIp5x7Ge4CP-2qVxGJiLbtkFaq_OXFGfBA8xUNu4E&google_gid=CAESEEcxXCjYisEOUgY5bEn-FM0&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AJDsxfh4UVG7fGby5G6PV6I1sMZn-vON6xyB2W2cdljBlNMCAvMKUDIp5x7Ge4CP-2qVxGJiLbtkFaq_OXFGfBA8xUNu4E&google_gid=CAESEEcxXCjYisEOUgY5bEn-FM0&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxMzA4MTYwMDAxMjM5MDM2NjUyMQ%3D%3D&google_push=AehlK4AJDsxfh4UVG7fGby5G6PV6I1sMZn-vON6xyB2W2cdljBlNMCAvMKUDIp5x7Ge4CP-2qVxGJiLbtkFaq_OXFGfBA8xUNu4E
Request Chain 140
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGxrqG6NgFsApfiCIIAUG1I&google_cver=1&google_push=AehlK4DH6gpIpT6rbwP-Lh5j-8WvVPxNSzTX5Di_nVgKPSkI2UxnloDKmo5Po80EK0qpFI8GXDKX5BmhsI84ZLPpRP3GWz9eAO62 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOTU42UTktMTgtQlE2VA==&google_push=AehlK4DH6gpIpT6rbwP-Lh5j-8WvVPxNSzTX5Di_nVgKPSkI2UxnloDKmo5Po80EK0qpFI8GXDKX5BmhsI84ZLPpRP3GWz9eAO62
Request Chain 141
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_cver=1&google_push=AehlK4CIeANUjTljLTV7llwpjJe3v9kB-xBo_y1N3IaN_qoQJlDLwHVC4_xXf-S_MbHRuUjA7i6pTp7XoyXjvh6tUrW7qisvQEI HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_push=AehlK4CIeANUjTljLTV7llwpjJe3v9kB-xBo_y1N3IaN_qoQJlDLwHVC4_xXf-S_MbHRuUjA7i6pTp7XoyXjvh6tUrW7qisvQEI&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_hm=YvOtv4uabOQShdACYUul4QAAFCgAAAAB&google_nid=index&google_push=AehlK4CIeANUjTljLTV7llwpjJe3v9kB-xBo_y1N3IaN_qoQJlDLwHVC4_xXf-S_MbHRuUjA7i6pTp7XoyXjvh6tUrW7qisvQEI
Request Chain 143
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 145
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPv9L5EBDLAhjLAjIIO3y6dLyECcw HTTP 301
  • https://tpc.googlesyndication.com/simgad/8341226500854338885
Request Chain 158
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKdW5_caY9qCZ-U2IEX6oh8&google_cver=1&google_push=AehlK4BAbnXzlMUGbPXaRCycWuY0UCnMrx3sUnW7C3FzLpgLCvgj4KqbtfOKFMXRkrsamKb0QvP2MyltE4VRbh-c-tgj7G0YlcmQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BAbnXzlMUGbPXaRCycWuY0UCnMrx3sUnW7C3FzLpgLCvgj4KqbtfOKFMXRkrsamKb0QvP2MyltE4VRbh-c-tgj7G0YlcmQ&google_hm=Q0FFU0VLZFc1X2NhWTlxQ1otVTJJRVg2b2g4
Request Chain 160
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DgsCtuMrDKVOYQO2_EI91T-9s2OC1ylp3dcJ32BcpG4lEiPv8r5v5M8fofrXkUyMKuVloBroY3miFDLXCnw1G_g31wBvbs&google_gid=CAESEEcxXCjYisEOUgY5bEn-FM0&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DgsCtuMrDKVOYQO2_EI91T-9s2OC1ylp3dcJ32BcpG4lEiPv8r5v5M8fofrXkUyMKuVloBroY3miFDLXCnw1G_g31wBvbs&google_gid=CAESEEcxXCjYisEOUgY5bEn-FM0&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxMzA4MTYwMDAxMzk2OTgxMjQ2OA%3D%3D&google_push=AehlK4DgsCtuMrDKVOYQO2_EI91T-9s2OC1ylp3dcJ32BcpG4lEiPv8r5v5M8fofrXkUyMKuVloBroY3miFDLXCnw1G_g31wBvbs
Request Chain 168
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELDEBynC5aDDwjttZb2tiQ&google_cver=1&google_push=AehlK4BhRF6yydGCegEUX3OwYL14tC5A81iRn9C_51UymroWqPzPQTeowZPK13-QLIVBgsieIYGyVFVQ3S9Y0xpUfEVMuOhqQCM HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4BhRF6yydGCegEUX3OwYL14tC5A81iRn9C_51UymroWqPzPQTeowZPK13-QLIVBgsieIYGyVFVQ3S9Y0xpUfEVMuOhqQCM&google_hm=htNofTbAfdxZGnUYP_Hofw
Request Chain 172
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGxrqG6NgFsApfiCIIAUG1I&google_cver=1&google_push=AehlK4A3V9t9F-c7df4cA13CSzQoriFw10rNMyIADf704o3jJwkgvyakuCdtuWd-HOUvAlkT3rWaaIO_2fdik5d5x8vUEamLDWw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOTU42WDAtMTEtS04yWQ==&google_push=AehlK4A3V9t9F-c7df4cA13CSzQoriFw10rNMyIADf704o3jJwkgvyakuCdtuWd-HOUvAlkT3rWaaIO_2fdik5d5x8vUEamLDWw
Request Chain 173
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_cver=1&google_push=AehlK4CsZXW11wyB5HH1YJ-dQZC6T1M4ioPFYqdQoh39c1BoUtiLWzsS4AhVr6G0GrSCOF2yANk_EAAVZhcI1vmd8aThKvrF_hxd HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_hm=YvOtv4uabOQShdACYUul4QAAFCgAAAAB&google_nid=index&google_push=AehlK4CsZXW11wyB5HH1YJ-dQZC6T1M4ioPFYqdQoh39c1BoUtiLWzsS4AhVr6G0GrSCOF2yANk_EAAVZhcI1vmd8aThKvrF_hxd
Request Chain 177
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 206
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660136896827-960872106006-006803-006-002531%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1660136896827-960872106006-006803-006-002531%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660136896827-960872106006-006803-006-002531&biddername=55&key=6838623281319484762

223 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
untoldtea.com/
Redirect Chain
  • http://untoldtea.com/
  • https://untoldtea.com/
84 KB
17 KB
Document
General
Full URL
https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896e4d89ac5b24a26055d5cb2729cccf1c6aa3272eb7855b409461fef56991df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7388f57c4f38929c-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:13 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
ki-cache-type
None
ki-cf-cache-status
BYPASS
ki-edge
v=17.7
link
<https://untoldtea.com/wp-json/>; rel="https://api.w.org/", <https://untoldtea.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://untoldtea.com/>; rel=shortlink
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJg7f3JTqZtuYzRMJYJ0a0fUzQxQdYFjngRjQeztItpjVEp2C%2Fh6%2F6y2VRHhb%2Fxp%2FElVnM9gf5ezMxPwPnaZ6wGYX%2Ff1tr8cd4XrpqGimWV5IjSF5WRbny45C%2BrHRucfyzHStD2iosZLDUc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
HIT

Redirect headers

CF-Cache-Status
DYNAMIC
CF-Ray
7388f57a4eae9012-FRA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Aug 2022 13:08:12 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Ki-CF-Cache-Status
BYPASS
Location
https://untoldtea.com/
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tJTQYGsYDHCQ0EmTgzDRNYCDHnmqMyILWP22V0zQZcu%2F2FBaO5GOxQsFg%2B5SmYN9NrR0rfqo7irL2EVtvtG6FbNYd16BY5Fci%2FVo3jmW6aryF%2BqjjZEJXIjou6F%2Bbz%2FoBt8m8ZJ75xdRhF4%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Edge-Location-Klb
1
X-Kinsta-Cache
HIT
X-Redirect-By
WordPress
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cache-type
None
ki-edge
v=17.7
main.bundle.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/
143 KB
16 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/main.bundle.min.css?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fad7a0d8b919e9de69ae754cccb5644fb41e2f34664bc33999777fc4a4e3fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,05f633772b5dd5612ecc438bbaba88c51ced66e2d0af920e82671d67527bde25
cf-cache-status
HIT
ki-edge
v=17.7
age
210892
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 14:14:48 GMT
server
cloudflare
etag
W/"61926b58-23d8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jsKxLGyEFUlNqyEGveAIaAnaUVRGjVQMGfZIqmz00kTyvL%2BPpn6%2BrKovlIb%2F2OC3O%2FYtz%2F6NWFzKsESK6%2FjQBp8cK%2B%2BO28j1ihNxL%2FHR1cOuM%2FXmmGQGOwTPu7nTCJzQXONAj%2BCaY2ivKsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f57fab03929c-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
main.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/minified/
57 KB
11 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/minified/main.min.css?ver=3.4.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1050861291360164827a3ca6086d3c7db90dff9cc1791a5989d2a7263dd14444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1ead8f179b35d41d49a7ab4218039f8e1b29f4d1272ffc0ee2725e529bc2a9db
cf-cache-status
HIT
ki-edge
v=17.7
age
210892
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Wed, 12 May 2021 10:34:35 GMT
server
cloudflare
etag
W/"609baf3b-e390"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v5Ksx0C2cU%2F72%2FofueR488O9ej6%2BPz3mwaqTsDjqZwCG0%2BaYlSElESJuEce5Rf6Eycr2VCBXtk386VGhl1FK1gAPB60Larx8EgziAi40bjD6AE6jeCSqdJd0wdrgK3pFpRdqD7HrArqnjaI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f57fab05929c-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
wp-emoji-release.min.js
untoldtea.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://untoldtea.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f28df1f795cd5542544741ff7fa03d01e20c4be2f7b6024a1ada0f1bc5767977
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 21:45:10 GMT
server
cloudflare
etag
W/"62bb7666-48b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Gv1agyJ%2BXXXSSNzWHe4nniq4jBakktQSdraCSK5qrlh2oWyh0pf8mrgNSNjMUjJKBF33fXJ6A7cH9GiC%2FDYzakkTjaQ4lYFbCiOzd%2FXT9817RFb%2F273FY1plpODs4qZPp%2BbJ8plpf9x9kQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5800f6e9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
style.min.css
untoldtea.com/wp-includes/css/dist/block-library/
87 KB
12 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f61582a2b1b639c470a0f44fc7542837a98a6e15ce733caec532f156972875b1
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 17:55:44 GMT
server
cloudflare
etag
W/"62cdb5a0-15b64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MTj%2F6dt3YkLTlzeAKRQ4R6qPBrIe%2FRCQZv0b05SGVDt4BnebzHeJV50MjY2jzyqAPx%2Bm%2BlE9OmBIVoYC2C%2Fb0AxoqYmUydclLbhGhcnDgWlzJCikZDwUXWFXCXIYZto23J8dz%2FlSSF3ug0M%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5804fc19ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
adsforwp-front.min.css
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/css/adsforwp-front.min.css?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,858cebec5dd8f760124cb5db85851b7b32b621f215f4eebb5339d250f642a489
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nBg8CjFdgUygwIIahkRG%2BnirlQuaEiM2avyK02Rj2882YoT8lmlY8elx3IMfkz7MKJe5BWs6gzNV84tQP%2B4JvO3M9xqjCrL4ZqLJ3gIibZ4hqh6xVo6xKUjSwk2uIb7Zvlv80x%2F7I98KqII%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5804fc89ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
categoryimage-public.css
untoldtea.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/categoryimage-public.css?ver=1.4.6
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925b9584bd4a9328e5a11c4a4f9791d9f1274eb3a61fd20bcbbe1c6a37c72860
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,3d4e1cf646173b5aeff52b1c74ecada83bcc74cd647f02d954656baf43b7f63c
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 07:51:38 GMT
server
cloudflare
etag
W/"6266530a-1a27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MyIWv1VH459IZPoncWpwP%2B7EdyQ7U0OCUiuAAMjS2kLg6HnTqWIBK3qCX2CZs9%2Bp0asYeah6e8H3eylZyUMb5G6XlnNjIZGRaO0eTr5cv83uYNcRjXTfe06oga7f7bZC2VzWtEaYq1ELAI4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5804fd39ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
socialsnap.css
untoldtea.com/wp-content/plugins/socialsnap/assets/css/
67 KB
9 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/plugins/socialsnap/assets/css/socialsnap.css?ver=1.1.17
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,64ae08eed5f0c9220c566d00957d272c99d2f84667299c4031f47da0023ef915
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 07:51:45 GMT
server
cloudflare
etag
W/"62665311-10bfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KwsM3tT9xcsPG4n0YaBpyNa8rt5vbjVFnO1%2Bk4%2BvoJb%2Fr3mTU0b0nZFl0U3EVOA4hC7ctjN%2BtH%2FkiLEKL0MSv30PxXkpZReylGF3TTIaKmFv%2FpYd%2FR5zKe%2BPF%2BBUoEFA1i4OSoaJ5DKx35o%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5804fd49ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
ivory-search.min.css
untoldtea.com/wp-content/plugins/add-search-to-menu/public/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=5.4.7
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1c7b4d545f5a3177640e82aa95a95622b793910e47b783fda1f201d8ba76e37e
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 21:01:11 GMT
server
cloudflare
etag
W/"62bb6c17-1a9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eLohSKUFmQ6FmG3KNbbye5qklyIy%2B4dM6qUktn4Gi64BBvtFZ%2BuT1BfQ9uhUzcPd9b5JERLY%2BiYjOcs5308TiTL%2B0VwwpZCH7C6Wc9sFA%2FfSmsWcNNo0zCYEutrQumrTQmItqYJeTQ%2FJLTU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5804fd69ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
jquery.min.js
untoldtea.com/wp-includes/js/jquery/
87 KB
32 KB
Script
General
Full URL
https://untoldtea.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,e2e1f402504984a65844a4d022b901e5279d478e0a7f4a1615f1194b8466cfda
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 19:52:55 GMT
server
cloudflare
etag
W/"60f72997-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKYwr6u%2Bxb4%2FxgHTP6UrTD%2FgHhE1fv9okCMgBLp05xeKwSMeWnptSiUf7Cm7VK%2BBHtevJ2%2B7VeN56%2B9K3wy7ebxK7fVFxYfvvsPqK5HIZyj%2FahO6ZRXTI%2FL1kt630Ifip6QIARczuW8F2ik%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5805fe49ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
jquery-migrate.min.js
untoldtea.com/wp-includes/js/jquery/
11 KB
5 KB
Script
General
Full URL
https://untoldtea.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,31678bfcef2c6b570815652d5caed0bda5656d4e4a8119349cd75122ae6477a2
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Fri, 07 May 2021 09:11:45 GMT
server
cloudflare
etag
W/"60950451-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ogp9DltsaMocoFH7iKiJmEAkuuH7jpcaACTkzujMUF6VErJcwS6YxoZ1SJKLRA3JrRYH0xihggYdHzt8LDy4kn8US5vnr5xM%2BTpXnO9suIB0hnuge4iCIbs0etKgMpMRckhlhlQWYidljbo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5805fe79ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
custom.js
untoldtea.com/wp-content/themes/astra-child/assets/js/
997 B
1 KB
Script
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/custom.js?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1bde9723707120c185a30d2e857a8a02a71fa16b6a78b9e6e84121aa4be000e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1a322c28409d7bfb5d7e38586325ab61f985389a21067672f9ae6ed96f301d9c
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 10:32:05 GMT
server
cloudflare
etag
W/"6141cba5-3e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSVc91stVSmKDVrURRQk4gM1%2FTOI%2BGPVRoepIpxdQd7ftb%2Fp5fB6g%2BfdlXqjqqIqdjbXo9mijZ8sbNfsWreKUPVBUEEo%2BYCDm3WUu8nPPZJletm30NKNvmreIzwhHktt4gH%2BM8Yt2p2JiW8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5805fe89ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
bootstrap.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/
141 KB
22 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/bootstrap.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,9e44f164abcbc7045b7cfd0aa6cc0d0c7f9c86cfc10092cf5a2617c6d0e80743
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Wed, 12 May 2021 11:27:26 GMT
server
cloudflare
etag
W/"609bbb9e-235ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9iyunBE2zpDQIWEUr%2FS5GLC8%2F0sbB4vPwHPrfXisuvrXhRFg4fPRnQMTWSyQH2Wgdfc4VWjZ5DPI7Z9jwC7ukfi8W41XdP3z39nMiJTFP9tIkj0DmDCyCx8LaWIdGvDjUKWBD%2FurMwQTdY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5805fe99ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
owl.carousel.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/
3 KB
2 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/owl.carousel.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ec999bfb734be1a3d178a80faeada18acab3e877a49068cb0f6756271bfe462c
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 18 May 2021 14:03:06 GMT
server
cloudflare
etag
W/"60a3c91a-b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piTBJg9YEglamupZUcGCYk4M1kkCGbdkEL4DvlDWDU2hOMDwRVfOH1BBeVpe4GWM%2Fzg1YUgWjD2uof6XPwYBG%2B83Xioa7i5xQXFh9HeaJNGmAvV5s5%2BSS348MIYReeZAQepZgrrT%2BuCOgd0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5805feb9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/
54 KB
13 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
91855
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
FV80TJFYVFDZ8FF2
x-amz-id-2
mg0nycjTDy9HVTReBvJCkKzvhS5qdJAKhXnpQKqKVDCbzez5v9pI49dDSLdCIGqpkOSCdTtosuY=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KGfhcPTcKNRokOdV507DvzPyv92%2FOkfbicKAzf4CvPrr4WTFEYY1fjSAMsBkFehzoyadHQPh9ks3uiZHvVf07Fb24S%2BFUmtC%2Fbh1OodAxepe1ZojyznEiKYKPpV781Bml%2FSPwV4827oMAL5PJRVuQxHu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
7388f580a96b994e-FRA
custom.css
untoldtea.com/wp-content/themes/astra-child/assets/css/
35 KB
8 KB
Stylesheet
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59447f4df0ba3b68e2ac9fbc2b29bb1836a9d686f35dbc8ae6ff21ff80a971fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,621debf2442dfaa9a69145e9abbdb287eb3bacaa921229b0011bf1518f30f8b3
cf-cache-status
HIT
ki-edge
v=17.7
age
65136
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Fri, 17 Dec 2021 11:18:55 GMT
server
cloudflare
etag
W/"61bc721f-8a45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JViLbFR1cTHzuuXRA%2B5wKPotNXBDp2DAgqlzouCbQTRlv%2FJMlwxrsjjIUqqCJKGXzTqHMDV1NjWY4VaIUpXIpp7Y5dqjuu0aRJksOts9f9DyU%2BgQg5tMREHoMwlKrBePTBf7KBty3pJlIoY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f5805fec9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
169 KB
57 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1cec03cd813835f4a89d32fbf9c99d192bdebab08d0e5403b123733ad647369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57432
x-xss-protection
0
server
cafe
etag
1498366185403146067
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 13:08:13 GMT
untoldtea-logo.png
untoldtea.com/wp-content/uploads/2021/08/
11 KB
12 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2021/08/untoldtea-logo.png
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41047c2e405e4a81db54ad12b94fcf1af427192f1dc192a3af2d6461fb197217
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,6d4d005f1a402c97f6e496a59743a471af98785c872ad7b7d7650001a79970f3
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11421
ki-cf-cache-status
HIT
last-modified
Tue, 10 Aug 2021 07:06:55 GMT
server
cloudflare
etag
"6112258f-2c9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRDAzAsOQwMRKfppIHhOh04xt6%2BECliN5Ldw8kZiRNA3GfiKV9nmK9QChUgRx%2F4OFQHWgOhE%2FiFIxIcAcQ%2FT9CP9%2FJAB066U6XI9gBw%2FeSS%2FclER5oKeUAY%2FszM1WfCyYkWvAQcdPyHVPsk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f58189f49ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
frontend.min.js
untoldtea.com/wp-content/themes/astra-child/assets/js/minified/
16 KB
5 KB
Script
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/minified/frontend.min.js?ver=3.4.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ab367a4a8f768121fb5441a3bfb48eddcb4c01192955a39f25cd1e415b7010
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,26e7cae73712c46b3f0664c6048328284329f1eb2ba2fb9739dcca23d422e2d9
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Wed, 12 May 2021 10:34:35 GMT
server
cloudflare
etag
W/"609baf3b-41bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bTcsS0RVMu8s2%2B9doE44tMQuRLp0QmVfDG5Hp9zE6T0xdDK0mXctJY48ABfI1xPYBpzfeD3HhRFxq1IUt%2BDaYj%2BtdJL57eLgDa458hGTTWv4AuCtCbkrAqBMGh%2Fo3mBeLEgfKXPuTGbr5J0%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f580f8fa9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
ads-front.min.js
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/
7 KB
4 KB
Script
General
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-front.min.js?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,922de2af9c8029c9d96c473245f39ddcc89aea711ee6bc0b0065e0a6496eeeaa
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-1dd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7AsJ3xFnTG0RLyJSWHV4PHoR1L3GHVRu8P%2B92ILxgPg3Gvm6x8p3AZxZwP5fbwq6daQWcE7WHaoE6Ty%2BiCrjopZCu%2BQLBraNkiuYKofhZoEDTZVN6mgQD5RZ9%2BuBykV9Rd6%2FCXOcp%2FOj%2FK8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f580f8fe9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
ads-frontend.min.js
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/
1 KB
1 KB
Script
General
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-frontend.min.js?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,bfe694c76e7f83112fb856b4b8f26da2532f9fa67b3f6a9fc1863e27b12f22bb
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6ZTF7yflAHlRgsZpM3fVJXCyGU0qIeZypLCV0EZ6C3aAHNgaKBD9YJeU0rb3DDrvhYc0B7ohET1A4nkmEWqJuP3v0nKCNJAGL79%2F80pTsR8vETe0CWa1hgkPk53SrKer5TMZER6SwP34MGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f58169ba9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
socialsnap.js
untoldtea.com/wp-content/plugins/socialsnap/assets/js/
13 KB
5 KB
Script
General
Full URL
https://untoldtea.com/wp-content/plugins/socialsnap/assets/js/socialsnap.js?ver=1.1.17
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c4f926de2397eb436550ea57ef9c8b4fdef260363b76ca8d190ee6dbaaa332
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,15c0ce2fb3715118240f9f39824db71e1bb7f579293d669e69f5fd9a653eaa5e
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 07:51:45 GMT
server
cloudflare
etag
W/"62665311-3239"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RkOgOs%2FjL8IVq%2FM2qyfpOHZRKyvaEBzZFNGbUH%2FNcJ%2FD4XcfrwH%2FUmSlHe5Cb4MXzWzho%2FYBFQpfqGTVQpFSUnCfWT5UojKM6Fp78U4RdlwCXeMV94aEKjA2rPePUxEkHQzQMf0zwlKQOOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f58179c59ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
core.js
cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/
232 KB
42 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js?ver=1.0.0
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2993194
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42723
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-3a1e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q2xFdBGvB2D%2BU9aF0eBHauQdWYIGuW%2BALpxYbOoS2Atml%2FDoFf2HJxTn%2BndTkQwE4q19%2F0tlFEQ1bIp2KOMVr2liY9d7c6EFcSd13oHLJUBgL4VZ37bJUoWsP8%2FatznYWJvQ54xEwziwHs3DDErj5Mt7"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7388f5819cb89243-FRA
expires
Mon, 31 Jul 2023 13:08:13 GMT
ivory-search.min.js
untoldtea.com/wp-content/plugins/add-search-to-menu/public/js/
4 KB
2 KB
Script
General
Full URL
https://untoldtea.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.4.7
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1e21cc8327db2e06733fe3f314b06dfdd5354f41e9e1ea7f1b6e392367053d66
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 21:01:11 GMT
server
cloudflare
etag
W/"62bb6c17-11ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I9z7KDiF3X0VCp2gtb%2B%2FC3xYz0kYtmMZCxjUuTFWEJvUxrS%2B7gk02m2FLdklMaiNnPiCZDfPaUMVvGDJpo2mcFosccSX8fD86P3YGy%2F8vijfOMfdRKbrFlK3Yd81inbjbytfgdfNpRVUHu4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f58189e99ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1660136893.dop130.fr8.t,1660136893.cds056.fr8.hn,1660136893.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
owl.carousel.min.js
untoldtea.com/wp-content/themes/astra-child/assets/js/
42 KB
12 KB
Script
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/owl.carousel.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,8e385b6a64b4536a8cf3e7b2752fb12c72431b4faa2a98163a798ebe4e0382ee
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 18 May 2021 14:03:35 GMT
server
cloudflare
etag
W/"60a3c937-a70e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4kLId7PbaNfEO7%2FQa6CeGbEgjMMhKWEoxDoGRCw%2BPmhTA5rRC7IEpbXwXifC8CMSLCvEfzegRs54PEVxOHtKJ3mnmDE2%2B635Veh5xA7ImAevBDCgInv8xjnA3pgk8nmoPunDGXoijWiwgU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
7388f58189f09ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/
48 KB
14 KB
Script
General
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cdn-edgestorageid
860
age
59641
cdn-cachedat
03/10/2022 17:24:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
access-control-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
927bd8f8bc00b92c63b0d3057b4ae8ba
cf-ray
7388f581af7791d1-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/
10 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 12:47:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 13:08:13 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 13:08:13 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/
57 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
4723594
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10301
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-e4d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8U5JH1d25HQYqqOTATsP%2Bz4cMun1m%2FUS%2BekzYQkafJNU%2FQiHXMvhqC5EJ%2F43E99AyChUJKidU7w5LA3yF27hhDHU0BIPut40LzBMhWuGUpBY5lLyLKPGyLSO592aJcH8Oow%2Fn%2FDBEWfLh07Xi55AeqI5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7388f58148879a12-FRA
expires
Mon, 31 Jul 2023 13:08:13 GMT
gtm.js
www.googletagmanager.com/
109 KB
43 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4834fb8da7ae3a8997b2a29cfb12434b88f7d51dc9fe9962b60bf6f5456d03bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43153
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Aug 2022 13:08:13 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/
25 KB
25 KB
Font
General
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 21:18:53 GMT
x-content-type-options
nosniff
age
143360
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 21:18:53 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/
75 KB
76 KB
Font
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
64665
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76612
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12b44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i6dTS4pVx6D6hQH5mjG9uvGKIPMoKs9Vru0RES8Vkh4FLMU5SgzbHrmNOLWcaox36Thxv0%2FhC4ZRBcpjpfBc3R9gZ5MbGhUGcf7bkmg6AFJoiR0YBk5IqoxVXiDtNYg%2FZDeY9hDhk1jR6PmyXeG5t4UU"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7388f581ec9b9b2b-FRA
expires
Mon, 31 Jul 2023 13:08:13 GMT
Breaking-Bad-Where-Are-They-Now-1024x682.jpg
untoldtea.com/wp-content/uploads/2022/05/
76 KB
77 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Breaking-Bad-Where-Are-They-Now-1024x682.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02485b5002931bad58070200b2d4840be5417300e68f7b56fcd8df5e89fbdb98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f53dfeb1075d1974c440f135691dc6e65bf12d00fc6223365bbb70b125a004b1
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78052
ki-cf-cache-status
HIT
last-modified
Thu, 19 May 2022 20:44:56 GMT
server
cloudflare
etag
"6286ac48-130e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HuWu0pp2S859lMXuuR%2Fkadx7jdvuL7OAn4sPaUn0dZLx3tQbLg7g9gZYnqW49BFp5fAzCQDkqwg1WS0cmQmLk9HozmGFZD%2B4amah6%2BMHdJzAc%2B9L9eYeH4uxW0UC%2FGHx194q3%2FyuZbbUV1I%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f581faa79ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
Celebrity-MothersDays-2.jpg
untoldtea.com/wp-content/uploads/2022/05/
49 KB
49 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Celebrity-MothersDays-2.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7528e02359e1b7be3fc4ab11fb535bad3ae0517811fd2dcb4b1a640b99eef509
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,10c78d878de062f31b055c07ac57c0a8d2d2a9004c5cbe6d60b738c210941c6d
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49783
ki-cf-cache-status
HIT
last-modified
Thu, 12 May 2022 16:07:09 GMT
server
cloudflare
etag
"627d30ad-c277"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FAWgkEna%2FX1hfXIL56LCeUQytv1NV0h0Kdo3kSAqtOmTAak4Qsd6xwK2Jj44u0TlTxOEgQsViCTF52AccC2O9qqqIE7zcfC4rjE9P%2BmkpddGmocbVPZfLcQxcunYttIjPBkTgaxmELh24w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f581faaa9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
Jean-Claude-Martial-Arts.jpg
untoldtea.com/wp-content/uploads/2022/05/
110 KB
111 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Jean-Claude-Martial-Arts.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ac95966b650e8965bf7c8073300b44b8fdb2577d74032e51f89ab2ab7eaeac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ba5fd9b2bb5d156680e6adcebfda8f007191f4796b11772e8e6657905bfa9b2b
cf-cache-status
HIT
ki-edge
v=17.7
age
65134
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
113047
ki-cf-cache-status
HIT
last-modified
Wed, 04 May 2022 22:47:58 GMT
server
cloudflare
etag
"6273029e-1b997"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ivh4OWSQ%2F211gWTY6N4e6u7fwxX10AoGdLoDyCnh43KiOk6HZGHrNt%2FdB%2BCPbN2Ll35%2F8qeKj4zIBe1OmP8FxFG%2FOaE9Ab%2B1WG2RyCYvk08Ni9%2BXD1KBZTxj2hYpoE9Qr6L%2FNSbaG5OLNgE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f581faad9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
Squid-Games-S2-2-1024x576.jpg
untoldtea.com/wp-content/uploads/2022/04/
133 KB
134 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2022/04/Squid-Games-S2-2-1024x576.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8886097d7db5d7039926bca67738c05ecb2f56dc915bf38ab14284b62c5f7374
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,7c0bcce25a0d0fbab5f9d6c693327424f5ba4afc237e067b1879208cff9ee550
cf-cache-status
HIT
ki-edge
v=17.7
age
65134
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136153
ki-cf-cache-status
HIT
last-modified
Fri, 08 Apr 2022 15:23:11 GMT
server
cloudflare
etag
"6250535f-213d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tMd4YjH4RYPsLn6CKCMVSYqMR2zI6rFYCXpzlQkdiFs7jPm7Sg71MA9hsAZ7BRwGaQHagy7VQG%2FamGaEq8vIZotLXtL9UXHwWFW5dOPntxD%2BCfVE68ZYYCx0BsbyWfSFuNfhNBZiKWetP1E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f581faae9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
Will_Smith_Chris_Rock_Slap-1024x682.jpg
untoldtea.com/wp-content/uploads/2022/03/
91 KB
91 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2022/03/Will_Smith_Chris_Rock_Slap-1024x682.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac04eeafb37af7a83cf04b1140084bccf6b1a7f0945dcc6991e72e177a8cda40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,99b01799dc302f7b34b2c9354517c028ec3f8f327fa1260ef19fa5b236d95c88
cf-cache-status
HIT
ki-edge
v=17.7
age
65134
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92844
ki-cf-cache-status
HIT
last-modified
Wed, 30 Mar 2022 15:14:34 GMT
server
cloudflare
etag
"624473da-16aac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B4KBA2y6c%2F7Ept0TdBldShJ3i4Tuhi4iAl4c1Mc9KavYp8H9%2FUH1VOYD3d%2Bogc0CUUbYwGUDy20H7L3g617N3t%2Fs7hRbIu4rz8zmf85PP7bTIuq1OnbyqCpLp7ossByu9ksyaadd83XBS8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f581faaf9ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
Mickey_Rourke-1024x1024.jpg
untoldtea.com/wp-content/uploads/2022/03/
164 KB
164 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2022/03/Mickey_Rourke-1024x1024.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43e1900b996638dcb8c823b8d34f0c15b64b6466daa544779373475688bce47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f56f9e900dacbe291d8dc1412a22c0477d29d209573d533c6bd5e72baab257c0
cf-cache-status
HIT
ki-edge
v=17.7
age
65135
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
167531
ki-cf-cache-status
HIT
last-modified
Fri, 25 Mar 2022 15:26:31 GMT
server
cloudflare
etag
"623ddf27-28e6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WFrfBg%2B%2F1ftcFe9bVZk4%2FCwTsYeSVm3fVmjrtl1C6ZZumU96BDr3KhHmorFMahSayQOTnKYYGJWfGap18QGxvbqB5C7tJLPQCDDjoXV8wakJhTs1QZgzSfeN1X6HBondRieOIbZZWmBK9Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f581fab09ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
featured-and-starter1.jpg
untoldtea.com/wp-content/uploads/2021/05/
47 KB
48 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2021/05/featured-and-starter1.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3f23350801bfb77e60e7d8a2ac6e4be42ff80de8058ec36a1a05872260efe6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:14 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,42fade2813976c2b9e7985e27def55b8797b41be24ff28b8350dc365d3349e80
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,42fade2813976c2b9e7985e27def55b8797b41be24ff28b8350dc365d3349e80
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48489
ki-cf-cache-status
SAVING
last-modified
Tue, 18 May 2021 18:29:21 GMT
server
cloudflare
etag
"60a40781-bd69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5w%2BKdHsec79wX7%2BGL3SGEkc4FsDC9An5i3INL2QhJa1jRHz9G5mYibadZRaZh2z%2BSrFCNRUyFJsNTkLC7D%2Br2m35oVLu8%2BYMKYYLQRePDAL2z0AkA632NOo7JXHT%2FZ8osFzvYYdRrBA0VIc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f581fab19ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Adele_Live_2016_tour-1024x768.jpeg
untoldtea.com/wp-content/uploads/2022/01/
115 KB
116 KB
Image
General
Full URL
https://untoldtea.com/wp-content/uploads/2022/01/Adele_Live_2016_tour-1024x768.jpeg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9392d4e02b4ad7004ce64bd640f411d9a2e5bfaf45139eed02ee5f4cd9d429
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,cec7a2c4b4e7c263f820b35f0a1779b07756e060dad3915a4799942dd15e5b9b
cf-cache-status
HIT
ki-edge
v=17.7
age
65134
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117967
ki-cf-cache-status
HIT
last-modified
Thu, 27 Jan 2022 00:04:21 GMT
server
cloudflare
etag
"61f1e185-1cccf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vekixLxol80dtNQUTAyODOHmqh3E1IWubS8W0VhCHqpbrtEZ7AYKtNSIw83hhYqco9kQ4r%2FaffxWd%2BXJRms09%2FO6tGxJ4jMEAnIer1zocAdRi1PaZK5iDjFQPmDM5C0Fb2Q6S6W3nf6jW8s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
7388f582bbe49ba7-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 13:08:13 GMT
js
www.googletagmanager.com/gtag/
197 KB
71 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M28037773M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b52b10195795deb53de895ca9e4095b5b89aeb710a0d1b950d7a8e922f4d3216
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72320
x-xss-protection
0
expires
Wed, 10 Aug 2022 13:08:13 GMT
pushly-sdk.min.js
cdn.p-n.io/
301 KB
56 KB
Script
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-102.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a36748707c0b45b1235bba73dc3ae3704ae9df49e2ec20744303830b1232c7d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 15:10:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"3719c549539b86d123ffb1220e16852e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
TJAfHMvNcli9K7aup93o-ZSFScRZWAqrcMGNM-tZnVQ2EotiyFA_5A==
video-loader.js
cdn.avantisvideo.com/avm/js/
32 KB
11 KB
Script
General
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
age
29354
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date
Wed, 10 Aug 2022 04:59:00 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
VpvFHsWdl-T7sPBv4IbUy4hahqKQv0yrS5xtsB6RVoHAgiVT9aYRSw==
js
www.googletagmanager.com/gtag/
106 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-105305343-4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
41befc450dd1143c5b4888ffcda134062b76c94946f00e211d0d00accf14f954
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41919
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Aug 2022 13:08:13 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/
340 KB
120 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5de82692d9581c8b5ce0ed726fdcecf4453635fa1ed28318c824971f0059022
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122739
x-xss-protection
0
server
cafe
etag
12801619882270151289
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 13:08:13 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/ Frame C8D9
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25405
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:04:48 GMT
etag
8616628553774171045
expires
Wed, 24 Aug 2022 06:04:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
home-load-more.php
untoldtea.com/wp-content/themes/astra-child/
6 KB
1 KB
XHR
General
Full URL
https://untoldtea.com/wp-content/themes/astra-child/home-load-more.php?offset=0&limit=6
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:872a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51bc3ec40ff505092c6238dd0c859620b7f2bf1133480138de455706293d2d95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://untoldtea.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ki-edge
v=17.7
ki-cf-cache-status
BYPASS
x-kinsta-cache
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKIdGgRNmYbYtiBRaUOIHIblWX58pv63LjfwaKA1tDLb8NztmyyK8N5FngtCQxnDH7f0XDDzE52lX7yUu3Fp0YyAc0nCOM3GjCb%2FRqbPEe9tHScxKtKEWT1NE0WU%2FVSyQ6TnQfUZInKAoMc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate
ki-cache-type
None
cf-ray
7388f5831c709ba7-FRA
x-edge-location-klb
1
expires
Thu, 19 Nov 1981 08:52:00 GMT
collect
region1.google-analytics.com/g/
0
345 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M28037773M&gtm=2oe880&_p=965128867&cid=1123665139.1660136894&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660136893&sct=1&seg=0&dl=https%3A%2F%2Funtoldtea.com%2F&dt=Untoldtea&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M28037773M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:13 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abc.txt
static.avantisvideo.com/data/
11 KB
5 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9a73858c84135c123879eaff2d94ca31f2a9397ac1408cccccd87350919aa8a

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 08:45:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P2
etag
W/"adeec079b9660850cec7d21b61dbb895"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
x-amz-cf-id
VNH9RqhzjxVLmk6tnA7ITJrbuXQjqumpkABKuPFqIfaVKSQ-Hp-llw==
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
/
events1.avantisvideo.com/
0
35 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 13:08:14 GMT
cookie.js
partner.googleadservices.com/gampad/
217 B
646 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=untoldtea.com&callback=_gfp_s_&client=ca-pub-6830231157845370
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
88d68979df01f2534c41091a51885974956bde77222e11d290e4c047196fa9b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
202
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
792 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 13:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
549 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 13:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CAFC
240 KB
62 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&adk=1812271804&adf=3025194257&lmt=1660136894&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funtoldtea.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893898&bpp=6&bdt=525&idt=137&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=230369233632&frm=20&pv=2&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=155
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3617ba388f333ce6757735de4a2d5dbb434aae3f639f5fb013d96c881591a977
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
63767
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 13:08:14 GMT
expires
Wed, 10 Aug 2022 13:08:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 788D
87 KB
31 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a9368714a5d51d141648ecf5a5c9a8ab041924d474da8f9a48e141b2e8c955e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
32086
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 13:08:14 GMT
expires
Wed, 10 Aug 2022 13:08:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame 788D
12 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame 788D
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
css
fonts.googleapis.com/ Frame 788D
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 12:19:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 13:08:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 13:08:14 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 788D
2 KB
983 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
897
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:53:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 788D
23 KB
10 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:44:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1396
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:44:58 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 788D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:52:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
936
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:52:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 788D
140 KB
44 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 13:08:14 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 788D
17 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:50:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1035
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:50:59 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 788D
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169642
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 788D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CIgjevq3zYvWpBs_H1fAPkfmr4AWf36Gda_nak524EIbO_5WEGxABIMXPgAdglfKfgrAHoAHInPzNAcgBAakCNm2BKK8msT6oAwHIA8sEqgTAAU_QUIJpRcDp9DXxKf7-s6i2O5zxlPdO-DQbgMZ-msIjVEB-3WrAiH6k2_PMl6naBcYJd5Fpr6yrm04HYcT9Et4kdgggc6O7qj9bJn7ejpWUfz7Q1GALrSIoS9cWgs1vT6iOJTUoNYde5PG8Aj3dpA8UKebUyl11r_Qj4nO2CXOd8FPXTq9BexcUoY-AHn--9HuL8JzvoWCPi9OLYm-zKVXP8uJ3xtjFHqavvoXmeFgvQFjk8RT1wZqFdA9H46DMGMAE4PmTy5oEkgUECAQYAZIFBAgFGASAB6Djg7ICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ84cZ0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=iFy8gxMb38M&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 13:08:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 10 Aug 2022 13:08:14 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0E3F
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1742
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 12:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
u_d.html
cdn1.avantisvideo.com/connect/ Frame D0A9
46 KB
17 KB
Document
General
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
14409
content-encoding
gzip
content-type
text/html
date
Wed, 10 Aug 2022 09:08:07 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
x-amz-cf-id
RbvzMn1SAmL7iVd4rkaGSZHbnZ4gWmswL1te5x4Ya1GBjXchrkmrVw==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/
150 KB
53 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e41596d69ea8e9af53bbf66c5b8447e300fdf6a55a434961e19211d6d293b2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54600
x-xss-protection
0
server
cafe
etag
2543316939538919844
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 13:08:14 GMT
integrator.js
adservice.google.de/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 13:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 13:08:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C62D
90 KB
33 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
727008b6ca98d6a226d11dfffa5fe8ae3b39d6bf14012d87d71213c849ec03c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
33711
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6B80
74 KB
23 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
048b55e1d395a710496a0027fb20fc0743a46105270a46bc44d1974cf3675e95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
23167
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1D62
70 KB
30 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83d3e8f60a417200064eecf631559ddd33e36a3376d307b3bf24d715a62245ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
30188
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 788D
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1d4caef55ff741356acd6fd984a4ec0934c437948b4bc4eb7a35d4fda592b638

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
geoip
avm.avantisvideo.com/api/v1/ Frame D0A9
174 B
929 B
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:6200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a5418852cad7a197516e001aa805ca8c190ea5d1c86dd12f798e00a31844761f
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
VIE50-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
174
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Wed, 10 Aug 2022 13:08:15 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
FtLrA4LIvXgOow8nRkrQW10NUAxvGMY5UlWkdxuw83kOYFh5Hp7NeQ==
geoip
avm.avantisvideo.com/api/v1/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:6200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 10 Aug 2022 13:08:15 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
x-amz-cf-id
WURrhwjy8II_z6ha79XZ25e_XkBNbqDzlwFXlnhvcAjxoDan5U4blw==
x-amz-cf-pop
VIE50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0E3F
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
expires
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/ Frame 0503
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
36049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 03:07:25 GMT
etag
8616628553774171045
expires
Wed, 24 Aug 2022 03:07:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/ Frame 2AFB
10 KB
4 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
36049
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 03:07:25 GMT
etag
8616628553774171045
expires
Wed, 24 Aug 2022 03:07:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 788D
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:44:44 GMT
x-content-type-options
nosniff
age
15810
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 08:44:44 GMT
css2
fonts.googleapis.com/ Frame 0503
4 KB
636 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 12:21:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 13:08:14 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 13:08:14 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0503
205 B
229 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:36:41 GMT
x-content-type-options
nosniff
age
12693
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 10 Aug 2023 09:36:41 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0503
604 B
628 B
Image
General
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:49:56 GMT
x-content-type-options
nosniff
age
1098
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 10 Aug 2023 12:49:56 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 0503
19 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:02:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8392
x-xss-protection
0
server
cafe
etag
14983445617412810031
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 13:02:42 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 2AFB
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAsdpvq3zYs7cBdvO7_UP1fmFoA3TuaTTa5HQleyzEM3P2_7qIBABIMXPgAdglfKfgrAHoAGSmav8AsgBAqgDAcgDyQSqBMgBT9CDkADAEv1pd5XenEpYcHs-kPwR8PEhHNIZ_OTVVWFoULfDuOAvU4a4mAwIF6nq71WpEYBTaxuy5wkZXLh-ugyyEfTu3QEi0gbnibvng0koaHskaso3p5o0hYF-GJ_jLRz5N0JMDZIVC6eGxR6svS2uU4Zr4MgdltNTqcBa1L0db0uZesIHFrjLJuv8RYJf_2bTcHJ4XkAy7FrnQ7-Vhy8dEEFYS46PuLVjcAGdXSi3g6PEqQcUNuqqHE3durNQVClNgrzWyNfABMTHq4ChBJIFBAgEGAGSBQQIBRgEoAYCgAfW5tSDAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEKDvUdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTY4MzAyMzExNTc4NDUzNzAYAA&sigh=s0kOvYaNIe0&uach_m=[UACH]
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 2AFB
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:59:14 GMT
11873250631458468005
tpc.googlesyndication.com/simgad/ Frame 2AFB
24 KB
24 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11873250631458468005?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmD8jVOXcg9-44qq-BMq4T5l4YhAQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60dcb89a62f0a918da59b8dd01ce53898cfae726e3dff253a52a75b2b45131fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 17:21:27 GMT
x-content-type-options
nosniff
age
589608
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25021
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 22:11:42 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Aug 2023 17:21:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 2AFB
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:56:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2AFB
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 13:08:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 2AFB
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:55:53 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 2AFB
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14320
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
server
cafe
etag
4827693875121430507
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 09:09:35 GMT
css
fonts.googleapis.com/ Frame 1E23
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 12:22:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 13:08:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 13:08:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1E23
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:53:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 1E23
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:59:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1E23
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:56:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1E23
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 13:08:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1E23
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:55:53 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 1E23
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 109E
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1743
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 12:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0047
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1743
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 12:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame 8569
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136893904&bpp=1&bdt=530&idt=152&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=79&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=QrthBQcD7C&p=https%3A//untoldtea.com&dtd=154
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 06:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
197882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 06:10:13 GMT
truncated
/ Frame 2AFB
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6615563624785e69cedacbba7474a887c4f31451c8aee2fde9a4b8eb5d237e6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 109E
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
expires
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame AB42
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 06:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
197882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 06:10:13 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0047
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
expires
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame 0F08
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 06:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
197882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 06:10:13 GMT
9518514844926326451
tpc.googlesyndication.com/simgad/ Frame 1D62
9 KB
9 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9518514844926326451?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlgvnCCGttXothj2rFvt125goPxRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f8f4a16467c23ae2fd8e0b94ffac451bd278f91551632c63a6a309f36af4b0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:55:07 GMT
x-content-type-options
nosniff
age
569588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9113
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 18:36:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Aug 2023 22:55:07 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 1D62
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:59:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1D62
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:56:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1D62
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 13:08:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1D62
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:55:53 GMT
l
www.google.com/ads/measurement/ Frame 1D62
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7y8OlQ5OUNI4tvn5ApQ2ExMX-BcGEopeiIEaLD716NCQ1WqhBEpEAK06CFYEePju4qTi5cAom2ss7BXXONfehiIlKkw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 1D62
32 KB
13 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14320
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
server
cafe
etag
4827693875121430507
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 09:09:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1D62
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcP0Zvq3zYu6AMMy2YPG_opAB_pOSxGu_y_Lf_g8LEAEgxc-AB2CV8p-CsAegAZmO2eoCyAECqAMByAPJBKoEyAFP0GkTb7KPDZ3EL_dJUA4Fh2OVikavygJonKPmbQU318PfNBuV4WL32nViw8k1vvee-e6kmGkpW2hSIDlQUTmUGyIRNlQYOZquq-AzACX8jT2ZYXykvuiDpYKfUoPwGqd5vW6SsESRWUxblYBsrcaNSgR3dh1xG3bDt4Km2MGxh5YSvsAf5rc3rrhZVdtanwlpJkUPp-Y5wC1SsBHU5MILSNe77L253IVOaJl7TSxJ9rJ3OeXgS58L6L5DtrtYNdpM8WSsRUft4cAElKC19fkDkgUECAQYAZIFBAgFGASgBgKAB-zU9ukCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ__8Z0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=9vh9PnJHj_Q&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9CDC
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1743
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 12:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3FAA
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 1D62
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8de62c9ad4bac794efddbe235c213f279a613f3044a53e198e1dfc8f9d56e261

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame C62D
12 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame C62D
11 KB
5 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
css
fonts.googleapis.com/ Frame C62D
8 KB
893 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 12:22:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 13:08:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 13:08:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame C62D
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:53:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame C62D
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:59:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame C62D
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:56:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame C62D
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 13:08:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame C62D
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:55:53 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame C62D
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
css
fonts.googleapis.com/ Frame 6B80
3 KB
601 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 12:20:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 13:08:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 13:08:15 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 6B80
2 KB
902 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:53:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
898
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:53:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 6B80
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:59:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:59:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 6B80
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:56:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:56:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6B80
140 KB
43 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 13:08:15 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 6B80
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 12:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
742
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 12:55:53 GMT
l
www.google.com/ads/measurement/ Frame 6B80
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQTQiIGCKfcV9ICGfoIrtQRWq9lb-XsvtV_H_FVSn2ShdnyGRgQjDclpaFkcJZ31qXQG_fVTD1B63FKPVtRhhkiwSkG1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 6B80
32 KB
13 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 14:00:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
169643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Sun, 06 Nov 2022 14:00:52 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/
107 KB
34 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
Usl28QWcpcQuVgqctq_iPLAQIzTzuE9F
content-encoding
gzip
last-modified
Sun, 31 Jul 2022 08:12:47 GMT
server
AmazonS3
age
32439
etag
W/"7b1a9ceb08392f5edf168e210f7c817e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date
Wed, 10 Aug 2022 04:07:37 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
nP3qdMwehi2EjgX5hd0NdZ_udnirITm1S50VrMCO3_Aa2cL9s7670w==
adview
googleads.g.doubleclick.net/pagead/ Frame 6B80
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CcKAEvq3zYo2yL8bJ1fAPkberqAv-8JzKa6WrtdnsDL635ejtGhABIMXPgAdglfKfgrAHoAH-1sXWA8gBBqkCNm2BKK8msT6oAwHIAwKqBMcBT9AX7Raa1OpshEgaEwPUN413tFYA5NRw0LCi6wqrc9yaif8RxKh2bZm-ODd2jQJkBCVce6kxv0j6gi8AwAwZVpkS1ONlT40mHEnRGqgWHOqZxQ9o7oyKYlJ8ITIGFtuX-E2-3wIwtBF7myM-Trqu2U99nwcVsuLFkoC5t50T2t5nMfF8F19MYHOAzS0z0yyqOXVDgOB_RZezltJANuedBQxsNjz2hr_4xVmIUjZadcODe8Nc4N7c9vhtVyf3uyMG1nmjpVt8CsAExYnltK4DkgUECAQYAZIFBAgFGASgBjeAB8nT1h2oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwHyBwQQkOQN0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=1VMOWiMNDqc&uach_m=[UACH]&template_id=493
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame 3FAA
35 B
463 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELDEBynC5aDDwjttZb2tiQ&google_cver=1&google_push=AehlK4DcJ4Cn4s4U08TSb53tiyire92dTOvEoq1FVnP1PAJrJg673Y_qRLlaF1BSOkHKLEaCaLabuU-7newpNAG9D7TbgRJm6Nh3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 3FAA
0
98 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BxwRhEieBv6HIVZC33EguwxBXruqLBi5mg2wkhnBOTFdmfby0a6cYsVBDcMqOyHxBLxreywdKOaysypKj-eK-V-zLrBNE&google_gid=CAESEOyQfBpcoIk5EAGYEjHBv3A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3FAA
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AJDsxf...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4AJDsxf...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxMzA4MTYwMDAxMjM5MDM2NjUyMQ%3D%3D&google_push=AehlK4AJDsxfh4UVG7fGby5G6PV6I1sMZn-vON6xyB2W2cdljBlNMCAvMKUDIp5x7Ge4CP...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxMzA4MTYwMDAxMjM5MDM2NjUyMQ%3D%3D&google_push=AehlK4AJDsxfh4UVG7fGby5G6PV6I1sMZn-vON6xyB2W2cdljBlNMCAvMKUDIp5x7Ge4CP-2qVxGJiLbtkFaq_OXFGfBA8xUNu4E
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxMzA4MTYwMDAxMjM5MDM2NjUyMQ%3D%3D&google_push=AehlK4AJDsxfh4UVG7fGby5G6PV6I1sMZn-vON6xyB2W2cdljBlNMCAvMKUDIp5x7Ge4CP-2qVxGJiLbtkFaq_OXFGfBA8xUNu4E
pragma
no-cache
date
Wed, 10 Aug 2022 13:08:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 10 Aug 2022 13:08:16 GMT
dds
rtb.openx.net/sync/ Frame 3FAA
43 B
352 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJX4_4WmQXWEYyQtPTcbZQU&google_cver=1&google_push=AehlK4Be8iyODnIFDcRYFdhQ14qtJnEGr3X0EKMDSWCSplhxspEUKOP714M52WWjI8RNIUZ5GfauFFiY37pUgHio-y4Ozbh_I3M
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
lrgf3jpbh156mkfran85vcpbk53q8hq6
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3FAA
0
166 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKK_HC5REji_ZB1CXlpzFW4&google_cver=1&google_push=AehlK4CoDyFfvLfYOpKcC5Ex3FDgCimNpZUClccLUkTgMp68_Hx4NLlVaN30CQGzKNDrguAUBBU_wtR4p4x2eiAaTGf7AGnTxxCF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:13 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 3FAA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGxrqG6NgFsApfiCIIAUG1I&google_cver=1&google_push=AehlK4DH6gpIpT6rbwP-Lh5j-8WvVPxNSzTX5Di_nVgKPSkI2UxnloDKmo5Po80EK0qpFI8GXDK...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOTU42UTktMTgtQlE2VA==&google_push=AehlK4DH6gpIpT6rbwP-Lh5j-8WvVPxNSzTX5Di_nVgKPSkI2UxnloDKmo5Po80EK0qpFI8GXDKX5BmhsI84ZLPpRP3GWz9eAO62
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOTU42UTktMTgtQlE2VA==&google_push=AehlK4DH6gpIpT6rbwP-Lh5j-8WvVPxNSzTX5Di_nVgKPSkI2UxnloDKmo5Po80EK0qpFI8GXDKX5BmhsI84ZLPpRP3GWz9eAO62
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOTU42UTktMTgtQlE2VA==&google_push=AehlK4DH6gpIpT6rbwP-Lh5j-8WvVPxNSzTX5Di_nVgKPSkI2UxnloDKmo5Po80EK0qpFI8GXDKX5BmhsI84ZLPpRP3GWz9eAO62
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 3FAA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_hm=YvOtv4uabOQShdACYUul4QAAFCgAAAAB&google_nid=index&google_push=AehlK4CIeANUjTljLTV7llwpjJe3v9kB-xBo_...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_hm=YvOtv4uabOQShdACYUul4QAAFCgAAAAB&google_nid=index&google_push=AehlK4CIeANUjTljLTV7llwpjJe3v9kB-xBo_y1N3IaN_qoQJlDLwHVC4_xXf-S_MbHRuUjA7i6pTp7XoyXjvh6tUrW7qisvQEI
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYdQqJcP9WoLXgPmS7CL%2B6zkTIiuVQbeeNJRtd26kxYQSXu%2FNh7RXfx9c6GjZRAw9JRtipjE%2BBjpAWUgEi2%2Fs4XxcAb%2BjzC9VoctEjNIX5SKMNxwJoLIcYwTdefFlYk5D0orr3aF0BzVwg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_hm=YvOtv4uabOQShdACYUul4QAAFCgAAAAB&google_nid=index&google_push=AehlK4CIeANUjTljLTV7llwpjJe3v9kB-xBo_y1N3IaN_qoQJlDLwHVC4_xXf-S_MbHRuUjA7i6pTp7XoyXjvh6tUrW7qisvQEI
cache-control
no-cache
cf-ray
7388f58dcfbbbb83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 3FAA
0
223 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LSPqG6vlpZQM5Pjrthbpm8s4E8W-S3LdKeO1SjZIlrdthHbCfugTmUqBC_B4LhpFVE420r
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9CDC
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
expires
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
7479028689592139735
tpc.googlesyndication.com/gpa_images/simgad/ Frame 6B80
484 KB
484 KB
Image
General
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/7479028689592139735
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c0f750162beb4e743a4863dd1303c8e6bc266b98c7ffaf09ac2bdb2211b0a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
495818
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 04:09:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 13:08:15 GMT
8341226500854338885
tpc.googlesyndication.com/simgad/ Frame 6B80
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPv9L5EBDLAhjLAjIIO3y6dLyECcw
  • https://tpc.googlesyndication.com/simgad/8341226500854338885
14 KB
14 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/8341226500854338885
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8920176024bcd1125f115e463b13d79862d26782882e858546330ce51627e3b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 02:15:53 GMT
x-content-type-options
nosniff
age
298342
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14221
x-xss-protection
0
last-modified
Mon, 28 Dec 2020 14:18:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Aug 2023 02:15:53 GMT

Redirect headers

date
Wed, 10 Aug 2022 01:33:15 GMT
x-content-type-options
nosniff
server
cafe
age
41700
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/8341226500854338885
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 09 Sep 2022 01:33:15 GMT
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame 3712
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=1&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x280&nras=5&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3040&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=A81XMIFRos&p=https%3A//untoldtea.com&dtd=27
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 06:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
197882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 06:10:13 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame C62D
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C0AHsvq3zYt2rLpOm9u8PksmZ8AOf36Gda_nak524EMCNtwEQASDFz4AHYJXyn4KwB6AByJz8zQHIAQGpAjZtgSivJrE-qAMByAPLBKoExgFP0MDd0RpRjenblnJT6g_94q0QC5LjoZfY-mMj_E_QcfXqsh1ino7YyKAISFYNWrY5sgFerEDbJ1vugo3R2REXRIaOf4lmPmpfV4b2XbrpJGWO5ZzbVSeHScecjoXgIUHoe4N90m_iq1xt1cWccEV909UUOK-sWc8vToH5KnI4AnwcVl7Psst1fKNKccLXpmp57MNWyc_UPeAeuvZGXDoG1LOSARVSo2ySCRo8d34fTtH21M2Y-bdh-QRGBy5Le6HoLaeKcEvABOD5k8uaBJIFBAgEGAGSBQQIBRgEgAeg44OyAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ_SEtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTY4MzAyMzExNTc4NDUzNzAYAA&sigh=mcOys0uaYng&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 30E9
143 B
163 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1743
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 12:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A940
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6AA1
1 KB
749 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74458
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 09 Aug 2022 16:27:17 GMT
etag
48472445140208031
expires
Wed, 10 Aug 2022 16:27:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/
49 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105305343-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
375
date
Wed, 10 Aug 2022 13:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Aug 2022 15:02:00 GMT
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
truncated
/ Frame C62D
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0ca708ccd7af4d1c6cca7e95ad4dcbb2f5cd5968e35616c674c1f5d58066afec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6B80
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4d76575ecdca871e4eb7e36ba5c5c64b1c8ce387b3e2989990e50a57c797e033

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame C62D
28 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:44:44 GMT
x-content-type-options
nosniff
age
15811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 08:44:44 GMT
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6B80
20 KB
20 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:13:40 GMT
x-content-type-options
nosniff
age
53675
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 22:13:40 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 6B80
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:44:27 GMT
x-content-type-options
nosniff
age
51828
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 22:44:27 GMT
pixel
cm.g.doubleclick.net/ Frame A940
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEKdW5_caY9qCZ-U2IEX6oh8&google_cver=1&google_push=AehlK4BAbnXzlMUGbPXaRCycWuY0UCnMrx3sUnW7C3FzLpgLCvgj4KqbtfOKFMXRkrsamKb0QvP2MyltE4VRbh-c-tgj7G0YlcmQ
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BAbnXzlMUGbPXaRCycWuY0UCnMrx3sUnW7C3FzLpgLCvgj4KqbtfOKFMXRkrsamKb0QvP2MyltE4VRbh-c-tgj7G0YlcmQ&google_hm=Q0FFU0VLZFc1X2NhWTlxQ...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BAbnXzlMUGbPXaRCycWuY0UCnMrx3sUnW7C3FzLpgLCvgj4KqbtfOKFMXRkrsamKb0QvP2MyltE4VRbh-c-tgj7G0YlcmQ&google_hm=Q0FFU0VLZFc1X2NhWTlxQ1otVTJJRVg2b2g4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 13:08:14 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BAbnXzlMUGbPXaRCycWuY0UCnMrx3sUnW7C3FzLpgLCvgj4KqbtfOKFMXRkrsamKb0QvP2MyltE4VRbh-c-tgj7G0YlcmQ&google_hm=Q0FFU0VLZFc1X2NhWTlxQ1otVTJJRVg2b2g4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
466606.gif
id.rlcdn.com/ Frame A940
0
9 B
Image
General
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4CSo-vFvP3dMqnjyNU3hDeASLy6EAdAjqYNbT52w76-niQ28_sbgvAzBIWZkaywhtMO8Z-GD2tvk5i-vPZugOw7YEoU5yFA&google_gid=CAESEOyQfBpcoIk5EAGYEjHBv3A&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame A940
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DgsCtu...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4DgsCtu...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxMzA4MTYwMDAxMzk2OTgxMjQ2OA%3D%3D&google_push=AehlK4DgsCtuMrDKVOYQO2_EI91T-9s2OC1ylp3dcJ32BcpG4lEiPv8r5v5M8fofrXkUyM...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxMzA4MTYwMDAxMzk2OTgxMjQ2OA%3D%3D&google_push=AehlK4DgsCtuMrDKVOYQO2_EI91T-9s2OC1ylp3dcJ32BcpG4lEiPv8r5v5M8fofrXkUyMKuVloBroY3miFDLXCnw1G_g31wBvbs
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:16 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxMzA4MTYwMDAxMzk2OTgxMjQ2OA%3D%3D&google_push=AehlK4DgsCtuMrDKVOYQO2_EI91T-9s2OC1ylp3dcJ32BcpG4lEiPv8r5v5M8fofrXkUyMKuVloBroY3miFDLXCnw1G_g31wBvbs
pragma
no-cache
date
Wed, 10 Aug 2022 13:08:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 10 Aug 2022 13:08:16 GMT
sync
odr.mookie1.com/t/v2/ Frame A940
43 B
356 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJBuXWikUlLGK9EsKuLNz7I&google_push=AehlK4DNfvdkfrqVsGhUasu8U7TZ2Zn2BKwH2op2ZbRZwe3v0NpJvtx6lyeIXLlF5bGeKZg-4uNCadgejmkfykGk4kYITY8yO4id&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
trk
ag.innovid.com/ Frame A940
43 B
296 B
Image
General
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEOHIwYS1OHQFUWTTs8t6Jaw&google_cver=1&google_push=AehlK4AAa7Sl3lQY4SqLkTq3aFYjWnKETjsNwsypV1gFwyToQtGmvpHrrnNf0EM-SYTi2ujO_U_ODS8w6z7qz65hKLyPAkoQMDw9
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:16 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame A940
0
0

attr
cm.g.doubleclick.net/pixel/ Frame A940
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KSf7mL2qEuuY0XnpaW3dhcIMKD3dyfLlVw7_hiQya2HG6z4UCJdIpaAdFfDwgI_Ls
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
collect
www.google-analytics.com/j/
2 B
22 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=965128867&t=pageview&_s=1&dl=https%3A%2F%2Funtoldtea.com%2F&ul=en-us&de=UTF-8&dt=Untoldtea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=613251608&gjid=1715127159&cid=1123665139.1660136894&tid=UA-105305343-4&_gid=2067350326.1660136896&_r=1&gtm=2ou880&z=539099388
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
t
avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/
2 KB
2 KB
XHR
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Funtoldtea.com%2F&eu=true&country=DE&hour=13&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:6200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a0f1c6b1e996a2b0f7d70cfe22c8607569acc3ca480af1f703ec61ef7e1fd43
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
VIE50-C1
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://untoldtea.com
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
NhgZpKtVsxAcmECKbGf6sNyctQPeP6Pa5qJLMtAJS1_zk8OYWxDUUw==
t
avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/ Frame
0
0
Preflight
General
Full URL
https://avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Funtoldtea.com%2F&eu=true&country=DE&hour=13&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206e:6200:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://untoldtea.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 10 Aug 2022 13:08:15 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 488e01d34d3fb7f21dfcaccec82f530e.cloudfront.net (CloudFront)
x-amz-cf-id
A9_Tq1Uiu47fgqnSTLy1q7kaPu9n3HDsQtdMRH-PJuljqjpnUlWX-w==
x-amz-cf-pop
VIE50-C1
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 6AA1
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEELDEBynC5aDDwjttZb2tiQ&google_cver=1&google_push=AehlK4BhRF6yydGCegEUX3OwYL14tC5A81iRn9C_51UymroWqPzPQTeowZ...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4BhRF6yydGCegEUX3OwYL14tC5A81iRn9C_51UymroWqPzPQTeowZPK13-QLIVBgsieIYGyVFVQ3S9Y0xpUfEVMuOhqQCM&google_hm=htNofTbAfdxZG...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4BhRF6yydGCegEUX3OwYL14tC5A81iRn9C_51UymroWqPzPQTeowZPK13-QLIVBgsieIYGyVFVQ3S9Y0xpUfEVMuOhqQCM&google_hm=htNofTbAfdxZGnUYP_Hofw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4BhRF6yydGCegEUX3OwYL14tC5A81iRn9C_51UymroWqPzPQTeowZPK13-QLIVBgsieIYGyVFVQ3S9Y0xpUfEVMuOhqQCM&google_hm=htNofTbAfdxZGnUYP_Hofw
pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 6AA1
43 B
106 B
Image
General
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEJBuXWikUlLGK9EsKuLNz7I&google_push=AehlK4BigPfUIevwGlQO5BwJg51FItEicfGRcdc0PZqEjGOHZZvDRtnj87L5oP4QZXxYor_6kW-udOJpjU_RlePSjYbj3Efn4qzz&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 6AA1
43 B
64 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEJX4_4WmQXWEYyQtPTcbZQU&google_cver=1&google_push=AehlK4D_qLXNAMdb687tePvGraoKqD3QSxIZHYyJ3uHCmnj-JrZnc0dwbjSI0EErEju2yStLtBOv-ViPdDq4jmfcAo8-V8yM7e0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:14 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
9ut68nu1ug096f5jdaari3u1cdct3420
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 6AA1
0
41 B
Image
General
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKK_HC5REji_ZB1CXlpzFW4&google_cver=1&google_push=AehlK4Aded_Ge4PmlO7Px7DbL9uqfUIJkpcw-hxfr18m2NwUsj9yNrlHnV_COFCMmkY_jYbfZ8GV60cOVILtRLBwHjf9DL3d-rSs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:14 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 6AA1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGxrqG6NgFsApfiCIIAUG1I&google_cver=1&google_push=AehlK4A3V9t9F-c7df4cA13CSzQoriFw10rNMyIADf704o3jJwkgvyakuCdtuWd-HOUvAlkT3rW...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOTU42WDAtMTEtS04yWQ==&google_push=AehlK4A3V9t9F-c7df4cA13CSzQoriFw10rNMyIADf704o3jJwkgvyakuCdtuWd-HOUvAlkT3rWaaIO_2fdik5d5x8vUEamLDWw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOTU42WDAtMTEtS04yWQ==&google_push=AehlK4A3V9t9F-c7df4cA13CSzQoriFw10rNMyIADf704o3jJwkgvyakuCdtuWd-HOUvAlkT3rWaaIO_2fdik5d5x8vUEamLDWw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOTU42WDAtMTEtS04yWQ==&google_push=AehlK4A3V9t9F-c7df4cA13CSzQoriFw10rNMyIADf704o3jJwkgvyakuCdtuWd-HOUvAlkT3rWaaIO_2fdik5d5x8vUEamLDWw
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
pixel
cm.g.doubleclick.net/ Frame 6AA1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_hm=YvOtv4uabOQShdACYUul4QAAFCgAAAAB&google_nid=index&google_push=AehlK4CsZXW11wyB5HH1YJ-dQZC6T1M4ioPFY...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_hm=YvOtv4uabOQShdACYUul4QAAFCgAAAAB&google_nid=index&google_push=AehlK4CsZXW11wyB5HH1YJ-dQZC6T1M4ioPFYqdQoh39c1BoUtiLWzsS4AhVr6G0GrSCOF2yANk_EAAVZhcI1vmd8aThKvrF_hxd
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:15 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F6%2FDNpAq2H2niZ7ozbeiEg%2FJemz4OD%2B6zz93idQO3qQKq7GXTQOWmoLKGwdigfvmh44syZ8ExDSpjRNhp4703amqhWnoqec220wcALyzLg50lBhg1izI4VZt%2BAw1pDNRfM3iMkdseMeGJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHXTWGNu-rjhncyw3ja4Ggs&google_hm=YvOtv4uabOQShdACYUul4QAAFCgAAAAB&google_nid=index&google_push=AehlK4CsZXW11wyB5HH1YJ-dQZC6T1M4ioPFYqdQoh39c1BoUtiLWzsS4AhVr6G0GrSCOF2yANk_EAAVZhcI1vmd8aThKvrF_hxd
cache-control
no-cache
cf-ray
7388f58e0815bb83-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 6AA1
0
0

attr
cm.g.doubleclick.net/pixel/ Frame 6AA1
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMY7o_exLENRXi8aLJ_Aip6qNd2YPBdST2JAsDgDN1dnVhmdQjjNyA71gPh4wRmdqq5eQWQA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1348&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=5sg80H9eoD&p=https%3A//untoldtea.com&dtd=24
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pushly-sdk.min.css
cdn.p-n.io/
27 KB
2 KB
Stylesheet
General
Full URL
https://cdn.p-n.io/pushly-sdk.min.css?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-102.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 18:34:08 GMT
server
AmazonS3
age
29743
etag
W/"f3cd76bbdf477b890d940ce319bd1d16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
Bo48TF2vo9sZifSQIg8j5wPun6A7L3Cauko2Bh6kXzTJdZnmKeDxFg==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 30E9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 13:08:15 GMT
expires
Wed, 10 Aug 2022 13:08:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 13:08:15 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
collect
stats.g.doubleclick.net/j/
1 B
437 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105305343-4&cid=1123665139.1660136894&jid=613251608&gjid=1715127159&_gid=2067350326.1660136896&_u=YADAAUAAAAAAAC~&z=1213674517
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 10 Aug 2022 13:08:15 GMT
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
event-stream
k.p-n.io/
0
125 B
Fetch
General
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.92.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-92-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 10 Aug 2022 13:08:15 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
event-stream
k.p-n.io/
0
126 B
Fetch
General
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.92.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-92-58.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 10 Aug 2022 13:08:15 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
sodar
pagead2.googlesyndication.com/getconfig/
14 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220808&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b542ae31f76642485ff5b81fc55081f19dfe1d936cca6a2b21fd5a3e32cce92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11141
x-xss-protection
0
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame 7624
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660136894&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660136894721&bpp=1&bdt=1347&idt=-M&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D98959a6fe2906592-229154b0eccd00ba%3AT%3D1660136894%3ART%3D1660136894%3AS%3DALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ&prev_fmts=0x0%2C1200x280&nras=3&correlator=230369233632&frm=20&pv=1&ga_vid=1123665139.1660136894&ga_sid=1660136894&ga_hid=965128867&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44769662&oid=2&pvsid=3181948837774412&tmod=119520759&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=yDVN45z91f&p=https%3A//untoldtea.com&dtd=10
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 06:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
197882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 06:10:13 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 13:08:15 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A652
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1638
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 12:40:57 GMT
expires
Thu, 10 Aug 2023 12:40:57 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4CEB
783 B
533 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
34860215432066d52c92ef307c31e4afd12039ddf062b1e65644a553cf392a9f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ciTumbUbsHwOYjNjFCAdjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-ciTumbUbsHwOYjNjFCAdjQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 13:08:15 GMT
expires
Wed, 10 Aug 2022 13:08:15 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
pagead2.googlesyndication.com/bg/ Frame A652
36 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/3JgSxLv5M8jO-L1UtlL0rxXgrH7WG4OtpnQVSDBU2F0.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 06:10:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
197882
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14039
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 08 Aug 2023 06:10:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4CEB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220808&jk=3181948837774412&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

2.0ea6592415db7f630eab-video-loader2.1-cr.js
cdn.avantisvideo.com/js/
30 KB
10 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/2.0ea6592415db7f630eab-video-loader2.1-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f1fc7cfed804a07a47bb11a080c3251688c4df62455d5b296eed2ff806b08ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 14:10:48 GMT
content-encoding
gzip
last-modified
Sun, 31 Jul 2022 08:12:46 GMT
server
AmazonS3
age
82648
etag
W/"877651bae5882b405ee2d6c7879cc089"
vary
Accept-Encoding
x-cache
Hit from cloudfront
x-amz-version-id
X0x1ohgLuQwdcmcojJpKQepQjoSaetGr
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
HbZI7LurbUy4p3IQjd_kx1sSPNw35jC7Sn_6XWVS3pVm3eFA1x1Z_Q==
generate_204
tpc.googlesyndication.com/ Frame A652
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?WsX5zg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/
2 B
765 B
Script
General
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/2.0ea6592415db7f630eab-video-loader2.1-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4a5::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Wed, 10 Aug 2022 13:08:16 GMT
X-GUploader-UploadID
ABg5-Uwj3Kk1EHKKjz_ZkO4M8gfZcYtM7IbvZzxgEWId2gHj1Fqeui1r9YSdBY9TE2gEanbbdBlwWy_6Pen4kJ-q5jTzBqt3Vw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Wed, 10 Aug 2022 13:38:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 788D
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuq0vVOixNwVVm7oQQKt1KnwprftQuaqHt0ZsdzGeGDGTah-eWU-98pm-XawTK5HJqqeoTEbhDSYV7K9fXyQ7lklJ6hnwHZgQhld9Amlvi5Xuf-0M4tzmF_1Pmi8N7dLJFvdCifMd242esq&sai=AMfl-YTWbgHtq52G74Qinjw5I3256gUKxkXLzR0YcxZfcEN1XJblD-gRZz4uHN3dqvJvHrqtKhh-zuSLXqcI&sig=Cg0ArKJSzECqp3MWlrxSEAE&id=lidar2&mcvt=1006&p=0,0,280,1200&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660136894059&rpt=999&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
avcplayer_2_89.js
cdn.avantisvideo.com/js/
279 KB
63 KB
Script
General
Full URL
https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:c200:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c412419bd084f758e76a6dde939c0f2d5a92a4b46f5cb3662c223dc1321dc8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
WJ3jJPCCM3aAkcwTY.vegsvtShd_34Wm
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 11:56:10 GMT
server
AmazonS3
age
57424
etag
W/"c6be89ee3bd8da9b1dbb4115606e1bbd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6278ee254a7d35c23aae5e936b5a56ee.cloudfront.net (CloudFront)
date
Wed, 10 Aug 2022 05:45:56 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
wZFR7zTKk95lvcKfK7KPCTTWFnLUhhPfqa_FyNzslcwvXafGbMgyLg==
ins.txt
static.avantisvideo.com/data/
28 KB
4 KB
XHR
General
Full URL
https://static.avantisvideo.com/data/ins.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:7400:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da45ba0d70deb9fb60469491a48b8d3c35de86919a7a3a50a63f439e622321e4

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 08:05:53 GMT
server
AmazonS3
age
59995
etag
W/"15dd250762ab54d6ff995255934ac6fe"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
YFk4b_VAFUtdiMC0KKNKxMd457qlft0XHo0Q-pLdZn4r-qSLrKT6hQ==
via
1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
hls.min.js
player.avplayer.com/script/2/2.55/libs/
247 KB
71 KB
Script
General
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:f700:4::212:4f10 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdterkhq60u1anBvyuKM7N69glhhj4-XdQvOTd0Hucnw6pdgeZ1WvboMBihB4ixs9kXyI-9t_H29mNHrnUAtHWblpzOfig
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 13:13:16 GMT
truncated
/
216 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
385 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
240 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 6CC2
387 KB
110 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4b9::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvPRuBEND1jFBl9kAWJxvZd0QG8dCVstteZx4Wh5Wi3L-FNsMEuS9dZ6dOlbe-YecKAV2qUr87_e1BobDIBq-i9PIoWq0pS
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
111956
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"903f07ee74bf08435b31bae7c312f6d2"
vary
Accept-Encoding
x-goog-hash
crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation
1659879239099576
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
111956
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 13:13:16 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 2AFB
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssNYnSKHe8YNFpWdupAtvdOjrp0B7idHh2JL69ouZBMb9zGja7YJrE9LFzABlR_aDzLxIfQ6WtTayf9-hQ552REq9oUlOA4qtugf_ycGeU7Bh_wo9B6pIqaGXg3wsXJwCZOvu8sSr5DkCLJ&sai=AMfl-YRQZkQBhuxSbWCjEW9opKeY8-2FyTNR1rLiSVnT-GbGMSlaLED8XpDB6nV2Y95Lmr6xj8SaJakbo_Gd&sig=Cg0ArKJSzOAV-yBAAc5WEAE&id=lidar2&mcvt=1026&p=0,0,124,1005&mtos=159,629,1026,1189,1189&tos=159,470,397,163,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660136894819&rpt=257&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 13:08:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
track
track1.aniview.com/
0
71 B
Image
General
Full URL
https://track1.aniview.com/track?r=untoldtea.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=c2a9c63d-772b-4a48-893f-3a721b353ea5&rando=6&pid=61027ad23e194874003ad256&cid=61067b580d5316705a4e4044&stagid=&stplid=&e=inventory&vi=3&cb=1660136896480
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.12.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-12-160.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/
5 KB
2 KB
XHR
General
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Funtoldtea.com%2F&AV_VIDEOURL=https%3A%2F%2Fcontent1.avantisvideo.com%2Fhls%2Fsports_01.m3u8%3Fid&tid=1&d=desktop&i=0&cc=DE&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=61027ad23e194874003ad256&AV_CHANNELID=61067b580d5316705a4e4044&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=untoldtea.com&AV_DADPOS=3&d36=6.2.41&responsive=1&sver=2&avtoken=896480&omv=1.0.1&clsid=c2a9c63d-772b-4a48-893f-3a721b353ea5&rando=6&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1660136896492
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.157.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-157-73.compute-1.amazonaws.com
Software
/
Resource Hash
f9896acaf66a1607530ea99861a313cab023fc0e147a12f5c6ab00a2faa5c619

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Fri, 29 Jul 2022 23:21:36 GMT
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220808&jk=3181948837774412&bg=!5Oel56PNAAZGjrx1Zo47ACkAdvg8Ws2onebCRzOlp6ftk4EeLX3xvwoWhVfybEjCUgOvk7mReSW0rgIAAAB6UgAAAAFoAQeZAsptRMv8IOiOqNnbO_vlJ9uGPggFDyAfrDv4qGgLNfhDDn7AAI5Q0XkEugs5d_OwpGtTn5xV2Z5N4bbdBV1OmD1SvMe_2lB4cqhdi_4aWwfOkSxH1XTE3SmwsfoJrN1V2upZ08WdyqYmJ5xP65omj6efbjJvZC10lECz6zvHxxbxbS6fI25EkweP-sCafZgIvMLIT6YkPvsySi974cIlyFBd9krQkcREYIpAiJwYAdlOVhibA2UrQM2kL1jxD7_3-pxitp8IYL1OkfasHKTqdE-Xs9eJ8MiIW_bi7JSzh964iIJJF1cmFeg88bBKWm0337APRuygd4iQK6jj5mJ9qGBY2a-Hi8dhNuhvXGnu_4AlRDKW67IeVGIwlVG4qdzRVN54zfttN-Lc2iUMrpA0BB0VFEvt0GbgtRkJtJRN5OWM-ERlJ0epFm7SrzGZhe3ihKKl_Yy_VH-Q6viTLnFbQpcmsZlGSwvUtQxfZBcdGEey7GAG6GRdFsWNXCJOvtjtvBuELuWqa2qPNmzncUk__qyliAv_UMcPrP_8upq7ea38EbVHg2aseiXPA8qw-GnMjeH2Bxos9JYMIBTJrn6F5TJS6P_1OiYllgaov23V2j8FKHODSl4IUws3JylCNMrJlKaNxAjtTCKjIVjmezeq_VFU125ib6jZLlUIrQEUjLJBTkxdjNUmeLwxi4y2wsemNe7q50oG0RPtcDyIOZNKDbXTjtYUYgN3QZrHyqIXIEnchvMygIVthBMIppNq_9A9hMFr6bg-HP3nVzwsMu1PSUGd_ib8Kl1l2I7SGuPXtsBPc7l1L_nMWauWllpibJT3le8JcOp-5B2YD-XEtakRnCwFzB3SY1BTFQg0Fd42iTDEvnfBq5bItI6emiI1HI1TJ2fAPxsU_o4Lk7ILQnsXVW5oYE6YIyRnip7QbTX-9DiN0JDx6y7VpG1-BtU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

sports_01.m3u8
content1.avantisvideo.com/hls/
15 KB
3 KB
XHR
General
Full URL
https://content1.avantisvideo.com/hls/sports_01.m3u8?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bf96e1d997f022dc7c2bc5877b3e9fc69a085f4e489e24136721233e10c75a7e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:18 GMT
content-encoding
gzip
last-modified
Sun, 09 Jan 2022 13:27:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"039aa57dfba0d41b33070f0ba5f348c2"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
x-amz-version-id
4GV7100biiVPQ7p0WyfIFNMjralPOeb3
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-type
application/x-mpegURL
x-amz-cf-id
OIZvWqi-5ircJjR1RLM7gMjnZeeD8FCQiu-oFWzsdn68t7TiocANIQ==
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
cookiesyncendpoint
sync.aniview.com/ Frame B473
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660136896827-960872106006-006803-006-002531%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1660136896827-960872106006-006803-006-002531%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660136896827-960872106006-006803-006-002531&biddername=55&key=6838623281319484762
0
216 B
Document
General
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1660136896827-960872106006-006803-006-002531&biddername=55&key=6838623281319484762
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.172.49.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-172-49-77.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 10 Aug 2022 13:08:17 GMT

Redirect headers

AN-X-Request-Uuid
f92a4462-ae0a-4de0-be54-1279973a3185
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Aug 2022 13:08:16 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1660136896827-960872106006-006803-006-002531&biddername=55&key=6838623281319484762
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
81.95.5.42; 81.95.5.42; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6CC2
178 KB
54 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4b9::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvZgRIjP_zIelaA7Qd1g7HiUpFR0g-chJF5oaDYPvMEf1YSybofZUrEc2MHFWWJBqU4p401BrNnbOxi4NEZxncbaA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"4ecda2f032d9e44c338b378388b06251"
vary
Accept-Encoding
x-goog-hash
crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation
1659879239799693
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 13:13:16 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6CC2
71 KB
22 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4b9::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduoB-bpO1LGLjlAbVkSJv3t_Td5BgCoQEK9tqlkppDPPh1DYMRzYFEoG7r3Kf2ybJ1gkAreVOiWExuIh56tP0L1F_op0wPw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"2ae737f175c0550382b15b7d6f5922f5"
vary
Accept-Encoding
x-goog-hash
crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation
1659879239872223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 13:13:16 GMT
avpb6.27.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 6CC2
68 KB
21 KB
Script
General
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:ea:4b9::2c79 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsocYRphmXxccsQnQCnte5DaRkiXbqU3-Gq1LJ-UqHnSPyhEzRSaVjsS7Pja-MvgdJao_BjvIulQ5RFkVvZQN8GDTPkZQsP
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20618
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"b4637f2b16940536698574e508f06ce3"
vary
Accept-Encoding
x-goog-hash
crc32c=yl9jOw==, md5=tGN/KxaUBTZphXTlCPBs4w==
x-goog-generation
1659879239902979
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20618
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 13:13:16 GMT
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=51588&t=1660136896&cip=81.95.5.42&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660136896827-960872106006-006803-006-002531&cha=0.05&stagid=&stplid=&d35=&d36=6.2.41&cb=36619484849&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=61027ad23e194874003ad256&nid=59918a0e073ef4782e4e347f&pcid=61067b580d5316705a4e4044&ncid=5d4aab3928a06112b42d3a48&pasid=61067aa179532c5124764e75&e=request&cb=1660136896892&asid=62bbf7673eb23545e442ec84%2C62bbf76153127b16df63a515&ofpr=2.92%2C2.42&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.12.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-12-160.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:16 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://untoldtea.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 10 Aug 2022 13:08:17 GMT
server
ATS/9.1.10.25
/
hb.emxdgt.com/
0
157 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=7000&ts=1660136896952&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.79.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-79-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://untoldtea.com
date
Wed, 10 Aug 2022 13:08:16 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/
0
193 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://untoldtea.com
date
Wed, 10 Aug 2022 13:08:17 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 13:08:17 GMT
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame
0
0
Preflight
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://untoldtea.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 10 Aug 2022 13:08:17 GMT
server
ATS/9.1.10.25
track
track1.aniview.com/
0
70 B
Image
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=51588&t=1660136896&cip=81.95.5.42&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660136896827-960872106006-006803-006-002531&cha=0.05&stagid=&stplid=&d35=&d36=6.2.41&cb=36619484849&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=61027ad23e194874003ad256&nid=59918a0e073ef4782e4e347f&pcid=61067b580d5316705a4e4044&ncid=5d4aab3928a06112b42d3a48&pasid=61067aa179532c5124764e75&e=request&cb=1660136897220&asid=62bbf7673eb23545e442ec84%2C62bbf76153127b16df63a515&ofpr=2.92%2C2.42&fpo=%2C
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.12.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-12-160.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 13:08:17 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/
0
19 B
XHR
General
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-246-167.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://untoldtea.com
date
Wed, 10 Aug 2022 13:08:17 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
/
hb.emxdgt.com/
0
156 B
XHR
General
Full URL
https://hb.emxdgt.com/?t=7000&ts=1660136897223&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.79.170 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-79-170.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://untoldtea.com
date
Wed, 10 Aug 2022 13:08:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
sports_01.ts
content1.avantisvideo.com/hls/
148 KB
149 KB
XHR
General
Full URL
https://content1.avantisvideo.com/hls/sports_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9e161b521aceb5cfdd1224bfb44ce5ba357f1810d0b39adc061d255f2d290708

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-151903

Response headers

date
Wed, 10 Aug 2022 13:08:18 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
Content-Range
bytes 0-151903/34605348
Content-Length
151904
last-modified
Sun, 09 Jan 2022 13:27:59 GMT
server
AmazonS3
etag
"07ffa395e99a77519ecec111ab22c6e2-3"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
L0RFJjxxY_Bj7hiJ2fdwET.L0cLCneeJ
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
NzuETfC3_9nDGtH-UORAOFff6GXCz9Oa5F0WHOt9u92iXs3RU_UNaw==
c4c624ad-df59-413d-ae6b-be20f653ac50
https://untoldtea.com/
63 KB
0
Other
General
Full URL
blob:https://untoldtea.com/c4c624ad-df59-413d-ae6b-be20f653ac50
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 13:08:17 GMT
check.html
biddr.brealtime.com/ Frame C456
926 B
1 KB
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
2415
CF-Cache-Status
HIT
CF-RAY
7388f59b49a08ff4-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 10 Aug 2022 13:08:17 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Wed, 10 Aug 2022 14:08:17 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
TZDfxO4uwORNUA/4irnRs9qqp9lI3eH+ruz8qqqAX5jBwgQ1rzgBbhsPKs2FgAnYzrbwWSW5JnM=
x-amz-request-id
15DYQDFYDGXZWWWF
check.html
biddr.brealtime.com/ Frame D51E
926 B
1 KB
Document
General
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
4412
CF-Cache-Status
HIT
CF-RAY
7388f59b4e089a3b-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 10 Aug 2022 13:08:17 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Wed, 10 Aug 2022 14:08:17 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id
AGCHCGNC05GTWZVJ
sports_01.ts
content1.avantisvideo.com/hls/
139 KB
139 KB
XHR
General
Full URL
https://content1.avantisvideo.com/hls/sports_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bcbe335455fd51fe762c98c879b2abc933226759ba73e63e1b77fa31cdcd11fa

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=151904-293843

Response headers

date
Wed, 10 Aug 2022 13:08:18 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
Content-Range
bytes 151904-293843/34605348
Content-Length
141940
last-modified
Sun, 09 Jan 2022 13:27:59 GMT
server
AmazonS3
etag
"07ffa395e99a77519ecec111ab22c6e2-3"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
L0RFJjxxY_Bj7hiJ2fdwET.L0cLCneeJ
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
4bEVgl39Le7G8kDuaIg-95BEs_CAbu21ra6cWZelLM4Wt9o5bJP-Mg==
truncated
/
552 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
events1.avantisvideo.com/
0
34 B
Ping
General
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.224.187.254 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-224-187-254.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 13:08:18 GMT
sports_01.ts
content1.avantisvideo.com/hls/
122 KB
123 KB
XHR
General
Full URL
https://content1.avantisvideo.com/hls/sports_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6689ee6aca536ddbfb900af1890b6392651ec8e3fc583511ad08d480cf5802e5

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=293844-419051

Response headers

date
Wed, 10 Aug 2022 13:08:18 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
Content-Range
bytes 293844-419051/34605348
Content-Length
125208
last-modified
Sun, 09 Jan 2022 13:27:59 GMT
server
AmazonS3
etag
"07ffa395e99a77519ecec111ab22c6e2-3"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
L0RFJjxxY_Bj7hiJ2fdwET.L0cLCneeJ
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
706VV5cpbd98diDVOoAlkvB2z4J4RcMlfcxhLeUkhCZaZAGx__4O8Q==
sports_01.ts
content1.avantisvideo.com/hls/
161 KB
162 KB
XHR
General
Full URL
https://content1.avantisvideo.com/hls/sports_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
578595ef61ce6b4e5bdc0a27699977f0b64cf5b32cc3b985ac8406932aca2458

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=419052-584303

Response headers

date
Wed, 10 Aug 2022 13:08:18 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
Content-Range
bytes 419052-584303/34605348
Content-Length
165252
last-modified
Sun, 09 Jan 2022 13:27:59 GMT
server
AmazonS3
etag
"07ffa395e99a77519ecec111ab22c6e2-3"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
L0RFJjxxY_Bj7hiJ2fdwET.L0cLCneeJ
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
WGMh-rFoMFlspM16qHsB881y4L7okOlnKPLX46oR1kGvGyrX_qmBMg==
sports_01.ts
content1.avantisvideo.com/hls/
155 KB
156 KB
XHR
General
Full URL
https://content1.avantisvideo.com/hls/sports_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:aa00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49f6e2bdf62cf39ffed2f768f85e050497a9f96541727d613c701d4db81431a7

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=584304-743351

Response headers

date
Wed, 10 Aug 2022 13:08:18 GMT
via
1.1 91dc0292eef4e22508a3ae73fe64bbf4.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
Content-Range
bytes 584304-743351/34605348
Content-Length
159048
last-modified
Sun, 09 Jan 2022 13:27:59 GMT
server
AmazonS3
etag
"07ffa395e99a77519ecec111ab22c6e2-3"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
L0RFJjxxY_Bj7hiJ2fdwET.L0cLCneeJ
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
TRlKkZmA3i3iFRab-zm0kQreYDpbzDJ5JtnRdJ_h1AG9a3gBbZ6d4A==
track
track1.aniview.com/
0
94 B
XHR
General
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=51588&t=1660136896&cip=81.95.5.42&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660136896827-960872106006-006803-006-002531&cha=0.05&stagid=&stplid=&d35=&d36=6.2.41&cb=36619484849&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.221.12.160 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-221-12-160.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 Aug 2022 13:08:21 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDHTNxFrAfXxaNdsf_JrK88&google_cver=1&google_push=AehlK4DfZWlrN4_H69CASfz67Yitz6utXEa95Ms_g2BglOvTGsve_hSZlj8AjEZNzzTfKE9-ugIOM5dNZFF7yv6n7IThgB8ngPMGzg
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDHTNxFrAfXxaNdsf_JrK88&google_cver=1&google_push=AehlK4Dm7i3lNLemfqnFC_z21yNvEAonV-X8kSfHw3rvlGjHn_ggrkoe6nyV_wpJG9uiZnj4xar3QxzPfYM94UHCTUsSes60gaKdCg

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery object| myAjax object| dataLayer object| astra function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| popupTriggerClick function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| adsforwp_obj object| e object| adsforwp_browser_obj function| checkOrResult function| checkAndResult object| socialsnap_script function| ss_throttle object| socialsnapfields object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ object| IvorySearchVars function| ivory_search_analytics object| bootstrap function| loadMore function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| google_llp object| googletag object| avntsWebpackJsonp number| avnts_player number| _swclk_ number| _swsts_ object| PushlySDK function| pushly function| gtag string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData number| link number| len object| GoogleGcLKhOms object| avntsQ object| com function| _avcp object| storageAni object| google_image_requests function| Hls

36 Cookies

Domain/Path Name / Value
untoldtea.com/ Name: PHPSESSID
Value: e7e8e0e06c75ec51a13e0f15ef9fac35
.untoldtea.com/ Name: _ga_M28037773M
Value: GS1.1.1660136893.1.0.1660136893.0
.untoldtea.com/ Name: __gads
Value: ID=98959a6fe2906592-229154b0eccd00ba:T=1660136894:RT=1660136894:S=ALNI_MYACuSpYpQuldzgMaBMFWogfITtnQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnhVIiXQTS-uJGZbZuSnIMSKAx4012WCTnsifOYvGKTYaTAjxZtCEgBmg-Lf3g
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EFcBCQHpJoEA
.quantserve.com/ Name: mc
Value: 62f3adbf-63c2f-7a99e-627be
.casalemedia.com/ Name: CMID
Value: YvOtv4uabOQShdACYUul4QAA
.casalemedia.com/ Name: CMPS
Value: 5160
.casalemedia.com/ Name: CMPRO
Value: 5160
.untoldtea.com/ Name: _pnvl
Value: false
.untoldtea.com/ Name: pushly.user_puuid
Value: U0ExE2Vo88dBBa6oJS5x0jsyndtmHysX
.untoldtea.com/ Name: _pndnt
Value:
.untoldtea.com/ Name: _ga
Value: GA1.2.1123665139.1660136894
.untoldtea.com/ Name: _gid
Value: GA1.2.2067350326.1660136896
.untoldtea.com/ Name: _gat_gtag_UA_105305343_4
Value: 1
.casalemedia.com/ Name: CMTS
Value: 5148
.untoldtea.com/ Name: _pnlspid
Value: 14214
.untoldtea.com/ Name: _pnss
Value: dismissed
.untoldtea.com/ Name: _pnpdm
Value: true
.agkn.com/ Name: ab
Value: 0001%3AK5j%2B%2BdzAGgE3wZNlKVpDfhZD0sYNBlYV
.agkn.com/ Name: u
Value: C|0CEAqhmo_KoZqPwAAAAAAAQ13AQCAAQpAAAAAAA
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: na_tc
Value: Y
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220810
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
.addthis.com/ Name: na_id
Value: 2022081013081600013969812468
.addthis.com/ Name: uid
Value: 62f3adc0ebff4206
.addthis.com/ Name: ouid
Value: 62f3adc000013dc226a5ec5d55a4e81f4bc7d06e512aa8b890b7
.innovid.com/ Name: uuid
Value: b4d019a1-ed82-4ba3-8e1f-0d5c9eb5f36c-20220810 09:08:16
.adnxs.com/ Name: uuid2
Value: 6838623281319484762
untoldtea.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.aniview.com/ Name: 2_C_55
Value: 6838623281319484762
sync.aniview.com/ Name: 2_C_55
Value: 6838623281319484762

4 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BxwRhEieBv6HIVZC33EguwxBXruqLBi5mg2wkhnBOTFdmfby0a6cYsVBDcMqOyHxBLxreywdKOaysypKj-eK-V-zLrBNE&google_gid=CAESEOyQfBpcoIk5EAGYEjHBv3A&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDHTNxFrAfXxaNdsf_JrK88&google_cver=1&google_push=AehlK4DfZWlrN4_H69CASfz67Yitz6utXEa95Ms_g2BglOvTGsve_hSZlj8AjEZNzzTfKE9-ugIOM5dNZFF7yv6n7IThgB8ngPMGzg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEDHTNxFrAfXxaNdsf_JrK88&google_cver=1&google_push=AehlK4Dm7i3lNLemfqnFC_z21yNvEAonV-X8kSfHw3rvlGjHn_ggrkoe6nyV_wpJG9uiZnj4xar3QxzPfYM94UHCTUsSes60gaKdCg
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4CSo-vFvP3dMqnjyNU3hDeASLy6EAdAjqYNbT52w76-niQ28_sbgvAzBIWZkaywhtMO8Z-GD2tvk5i-vPZugOw7YEoU5yFA&google_gid=CAESEOyQfBpcoIk5EAGYEjHBv3A&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
avm.avantisvideo.com
biddr.brealtime.com
c2shb.pubgw.yahoo.com
cdn.avantisvideo.com
cdn.p-n.io
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
content1.avantisvideo.com
d.agkn.com
e.dlx.addthis.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hb.emxdgt.com
id.rlcdn.com
image6.pubmatic.com
k.p-n.io
maxcdn.bootstrapcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
player.avplayer.com
region1.google-analytics.com
rtb.openx.net
secure.adnxs.com
ssum-sec.casalemedia.com
static.avantisvideo.com
stats.g.doubleclick.net
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
untoldtea.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.17.120.107
104.18.19.126
104.96.159.57
142.250.184.194
142.250.186.162
18.195.201.66
18.195.92.58
18.66.112.102
185.64.190.78
185.89.210.141
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2b
2600:9000:206e:6200:3:748e:7940:93a1
2600:9000:223f:aa00:1e:efeb:b400:93a1
2600:9000:2250:7400:8:9ed9:9c40:93a1
2600:9000:2490:c200:1c:38a0:8a40:93a1
2606:4700:3033::6815:3f36
2606:4700:7::a29f:872a
2606:4700::6811:180e
2606:4700::6812:acf
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:813::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82a::200a
2a00:1450:4001:831::2003
2a00:1450:400c:c0b::9c
2a02:26f0:ea:4a5::2c79
2a02:26f0:ea:4b9::2c79
2a02:26f0:f700:4::212:4f10
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21
3.221.12.160
34.98.67.61
35.157.246.167
35.172.49.77
35.186.253.211
35.244.174.68
44.224.187.254
52.57.79.170
54.145.157.73
69.173.144.139
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
02485b5002931bad58070200b2d4840be5417300e68f7b56fcd8df5e89fbdb98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
048b55e1d395a710496a0027fb20fc0743a46105270a46bc44d1974cf3675e95
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ca708ccd7af4d1c6cca7e95ad4dcbb2f5cd5968e35616c674c1f5d58066afec
0e41596d69ea8e9af53bbf66c5b8447e300fdf6a55a434961e19211d6d293b2a
1050861291360164827a3ca6086d3c7db90dff9cc1791a5989d2a7263dd14444
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c0f750162beb4e743a4863dd1303c8e6bc266b98c7ffaf09ac2bdb2211b0a65
1d4caef55ff741356acd6fd984a4ec0934c437948b4bc4eb7a35d4fda592b638
1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3
1f1fc7cfed804a07a47bb11a080c3251688c4df62455d5b296eed2ff806b08ee
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
34860215432066d52c92ef307c31e4afd12039ddf062b1e65644a553cf392a9f
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3617ba388f333ce6757735de4a2d5dbb434aae3f639f5fb013d96c881591a977
3b542ae31f76642485ff5b81fc55081f19dfe1d936cca6a2b21fd5a3e32cce92
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
41047c2e405e4a81db54ad12b94fcf1af427192f1dc192a3af2d6461fb197217
41befc450dd1143c5b4888ffcda134062b76c94946f00e211d0d00accf14f954
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
4834fb8da7ae3a8997b2a29cfb12434b88f7d51dc9fe9962b60bf6f5456d03bb
49f6e2bdf62cf39ffed2f768f85e050497a9f96541727d613c701d4db81431a7
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d76575ecdca871e4eb7e36ba5c5c64b1c8ce387b3e2989990e50a57c797e033
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51bc3ec40ff505092c6238dd0c859620b7f2bf1133480138de455706293d2d95
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
578595ef61ce6b4e5bdc0a27699977f0b64cf5b32cc3b985ac8406932aca2458
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
59447f4df0ba3b68e2ac9fbc2b29bb1836a9d686f35dbc8ae6ff21ff80a971fa
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b9392d4e02b4ad7004ce64bd640f411d9a2e5bfaf45139eed02ee5f4cd9d429
5c412419bd084f758e76a6dde939c0f2d5a92a4b46f5cb3662c223dc1321dc8f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60dcb89a62f0a918da59b8dd01ce53898cfae726e3dff253a52a75b2b45131fa
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6615563624785e69cedacbba7474a887c4f31451c8aee2fde9a4b8eb5d237e6d
6689ee6aca536ddbfb900af1890b6392651ec8e3fc583511ad08d480cf5802e5
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
727008b6ca98d6a226d11dfffa5fe8ae3b39d6bf14012d87d71213c849ec03c8
7528e02359e1b7be3fc4ab11fb535bad3ae0517811fd2dcb4b1a640b99eef509
7a0f1c6b1e996a2b0f7d70cfe22c8607569acc3ca480af1f703ec61ef7e1fd43
7f8f4a16467c23ae2fd8e0b94ffac451bd278f91551632c63a6a309f36af4b0b
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
83d3e8f60a417200064eecf631559ddd33e36a3376d307b3bf24d715a62245ca
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
8886097d7db5d7039926bca67738c05ecb2f56dc915bf38ab14284b62c5f7374
88d68979df01f2534c41091a51885974956bde77222e11d290e4c047196fa9b1
8920176024bcd1125f115e463b13d79862d26782882e858546330ce51627e3b6
896e4d89ac5b24a26055d5cb2729cccf1c6aa3272eb7855b409461fef56991df
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5
8de62c9ad4bac794efddbe235c213f279a613f3044a53e198e1dfc8f9d56e261
925b9584bd4a9328e5a11c4a4f9791d9f1274eb3a61fd20bcbbe1c6a37c72860
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92c4f926de2397eb436550ea57ef9c8b4fdef260363b76ca8d190ee6dbaaa332
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e161b521aceb5cfdd1224bfb44ce5ba357f1810d0b39adc061d255f2d290708
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0
a1bde9723707120c185a30d2e857a8a02a71fa16b6a78b9e6e84121aa4be000e
a1cec03cd813835f4a89d32fbf9c99d192bdebab08d0e5403b123733ad647369
a2ab367a4a8f768121fb5441a3bfb48eddcb4c01192955a39f25cd1e415b7010
a36748707c0b45b1235bba73dc3ae3704ae9df49e2ec20744303830b1232c7d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5418852cad7a197516e001aa805ca8c190ea5d1c86dd12f798e00a31844761f
a7ac95966b650e8965bf7c8073300b44b8fdb2577d74032e51f89ab2ab7eaeac
a9368714a5d51d141648ecf5a5c9a8ab041924d474da8f9a48e141b2e8c955e5
ac04eeafb37af7a83cf04b1140084bccf6b1a7f0945dcc6991e72e177a8cda40
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad3f23350801bfb77e60e7d8a2ac6e4be42ff80de8058ec36a1a05872260efe6
b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b52b10195795deb53de895ca9e4095b5b89aeb710a0d1b950d7a8e922f4d3216
b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162
b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b
b9a73858c84135c123879eaff2d94ca31f2a9397ac1408cccccd87350919aa8a
bcbe335455fd51fe762c98c879b2abc933226759ba73e63e1b77fa31cdcd11fa
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bf96e1d997f022dc7c2bc5877b3e9fc69a085f4e489e24136721233e10c75a7e
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
da45ba0d70deb9fb60469491a48b8d3c35de86919a7a3a50a63f439e622321e4
dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b
dc9812c4bbf933c8cef8bd54b652f4af15e0ac7ed61b83ada67415483054d85d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2fad7a0d8b919e9de69ae754cccb5644fb41e2f34664bc33999777fc4a4e3fc
f43e1900b996638dcb8c823b8d34f0c15b64b6466daa544779373475688bce47
f5de82692d9581c8b5ce0ed726fdcecf4453635fa1ed28318c824971f0059022
f9896acaf66a1607530ea99861a313cab023fc0e147a12f5c6ab00a2faa5c619
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e