urlscan.io logo urlscan.io
SecurityTrails logo

untoldtea.com Open in urlscan Pro
2606:4700:7::a29f:862a  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://untoldtea.com/
Effective URL: https://untoldtea.com/
Submission: On August 10 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 44 IPs in 8 countries across 34 domains to perform 221 HTTP transactions. The main IP is 2606:4700:7::a29f:862a, located in United States and belongs to CLOUDFLARENET, US. The main domain is untoldtea.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 5th 2022. Valid for: a year.
This is the only time untoldtea.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 32 2606:4700:7::... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
16 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (STACKPATH...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 18.66.112.48 16509 (AMAZON-02)
22 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 142.250.184.194 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:249... 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 35 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:225... 16509 (AMAZON-02)
7 44.241.52.146 16509 (AMAZON-02)
4 2600:9000:225... 16509 (AMAZON-02)
4 8 2a00:1450:400... 15169 (GOOGLE)
2 3 2620:116:800d... 16509 (AMAZON-02)
1 1 52.211.246.129 16509 (AMAZON-02)
14 142.250.186.98 15169 (GOOGLE)
1 1 18.195.201.66 16509 (AMAZON-02)
2 2 2.18.168.242 16625 (AKAMAI-AS)
3 198.47.127.19 62713 (AS-PUBMATIC)
3 3 69.173.144.138 26667 (RUBICONPR...)
4 4 104.18.19.126 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 35.244.174.68 15169 (GOOGLE)
1 35.186.253.211 15169 (GOOGLE)
2 2a05:d01c:1d8... 16509 (AMAZON-02)
2 142.250.181.227 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 3.66.183.129 16509 (AMAZON-02)
1 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 34.193.168.14 14618 (AMAZON-AES)
1 54.145.157.73 14618 (AMAZON-AES)
6 2600:9000:223... 16509 (AMAZON-02)
2 2 185.89.210.180 29990 (ASN-APPNEX)
1 54.175.105.5 14618 (AMAZON-AES)
4 52.28.203.152 16509 (AMAZON-02)
2 3.73.18.26 16509 (AMAZON-02)
2 104.17.119.107 13335 (CLOUDFLAR...)
221 44
32    2606:4700:7::a29f:862a (United States)

ASN13335 (CLOUDFLARENET, US)
untoldtea.com
1    2606:4700:3033::6815:3f36 (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
16    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
5    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    18.66.112.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-48.fra56.r.cloudfront.net
cdn.p-n.io
22    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2600:9000:2490:b400:1c:38a0:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.avantisvideo.com
cdn1.avantisvideo.com
7    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
35    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2600:9000:2250:8e00:8:9ed9:9c40:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.avantisvideo.com
7    44.241.52.146 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-241-52-146.us-west-2.compute.amazonaws.com
events1.avantisvideo.com
4    2600:9000:225e:c600:3:748e:7940:93a1 (United States)

ASN16509 (AMAZON-02, US)
avm.avantisvideo.com
8    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    52.211.246.129 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-246-129.eu-west-1.compute.amazonaws.com
pixel.everesttech.net
14    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
1    18.195.201.66 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-201-66.eu-central-1.compute.amazonaws.com
d.agkn.com
2    2.18.168.242 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-168-242.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
4    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net
p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com
1    2a00:1450:400c:c1b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a02:26f0:3500:58c::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
play.aniview.com
2    3.66.183.129 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-66-183-129.eu-central-1.compute.amazonaws.com
k.p-n.io
1    2a02:26f0:3500:c::5c7b:6822 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.avplayer.com
4    2a02:26f0:3500:595::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
4    34.193.168.14 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-168-14.compute-1.amazonaws.com
track1.aniview.com
1    54.145.157.73 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-145-157-73.compute-1.amazonaws.com
go1.aniview.com
6    2600:9000:223f:2c00:1e:efeb:b400:93a1 (United States)

ASN16509 (AMAZON-02, US)
content1.avantisvideo.com
2    185.89.210.180 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    54.175.105.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-105-5.compute-1.amazonaws.com
sync.aniview.com
4    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.pubgw.yahoo.com
2    3.73.18.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-18-26.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
2    104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
Apex Domain
Subdomains		 Transfer
51 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 124
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
1013 KB
36 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
cm.g.doubleclick.net — Cisco Umbrella Rank: 208
stats.g.doubleclick.net — Cisco Umbrella Rank: 118
182 KB
32 untoldtea.com
untoldtea.com
983 KB
24 avantisvideo.com
cdn.avantisvideo.com — Cisco Umbrella Rank: 21328
static.avantisvideo.com — Cisco Umbrella Rank: 21877
events1.avantisvideo.com — Cisco Umbrella Rank: 20158
cdn1.avantisvideo.com — Cisco Umbrella Rank: 25331
avm.avantisvideo.com — Cisco Umbrella Rank: 22033
content1.avantisvideo.com — Cisco Umbrella Rank: 39516
995 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com
147 KB
11 aniview.com
play.aniview.com — Cisco Umbrella Rank: 15151
player.aniview.com — Cisco Umbrella Rank: 1567
track1.aniview.com — Cisco Umbrella Rank: 1647
go1.aniview.com — Cisco Umbrella Rank: 4734
sync.aniview.com — Cisco Umbrella Rank: 2403
211 KB
10 google.com
adservice.google.com — Cisco Umbrella Rank: 98
www.google.com — Cisco Umbrella Rank: 10
2 KB
6 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 187
259 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 67
4 KB
4 yahoo.com
c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 910
212 B
4 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 453
4 KB
4 p-n.io
cdn.p-n.io — Cisco Umbrella Rank: 4423
k.p-n.io — Cisco Umbrella Rank: 2855
58 KB
3 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 326
1 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 636
248 B
3 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 1083
1 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2742
www.google-analytics.com — Cisco Umbrella Rank: 52
20 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 94
154 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
129 KB
2 brealtime.com
biddr.brealtime.com — Cisco Umbrella Rank: 2731
2 KB
2 emxdgt.com
hb.emxdgt.com — Cisco Umbrella Rank: 2634
313 B
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 462
2 KB
2 innovid.com
ag.innovid.com — Cisco Umbrella Rank: 1388
593 B
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 611
107 B
2 addthis.com
e.dlx.addthis.com — Cisco Umbrella Rank: 1751
1 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8117
914 B
1 avplayer.com
player.avplayer.com — Cisco Umbrella Rank: 11018
71 KB
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1516
350 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 568
758 B
1 everesttech.net
pixel.everesttech.net — Cisco Umbrella Rank: 2926
375 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 862
647 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 731
14 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
30 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 951
13 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
221 34
Domain Requested by
35 tpc.googlesyndication.com 1 redirects googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
32 untoldtea.com 1 redirects untoldtea.com
code.jquery.com
21 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
untoldtea.com
16 pagead2.googlesyndication.com untoldtea.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
tpc.googlesyndication.com
14 cm.g.doubleclick.net untoldtea.com
googleads.g.doubleclick.net
8 www.google.com 4 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
7 events1.avantisvideo.com untoldtea.com
7 www.gstatic.com googleads.g.doubleclick.net
6 content1.avantisvideo.com player.avplayer.com
6 www.googletagservices.com googleads.g.doubleclick.net
5 fonts.googleapis.com untoldtea.com
googleads.g.doubleclick.net
4 c2shb.pubgw.yahoo.com player.aniview.com
4 track1.aniview.com untoldtea.com
player.aniview.com
4 player.aniview.com cdn.avantisvideo.com
player.aniview.com
4 ssum-sec.casalemedia.com 4 redirects
4 avm.avantisvideo.com cdn1.avantisvideo.com
cdn.avantisvideo.com
4 cdn.avantisvideo.com www.googletagmanager.com
cdn.avantisvideo.com
4 fonts.gstatic.com fonts.googleapis.com
3 pixel.rubiconproject.com 3 redirects
3 image6.pubmatic.com googleads.g.doubleclick.net
3 cms.quantserve.com 2 redirects googleads.g.doubleclick.net
3 www.googletagmanager.com untoldtea.com
www.googletagmanager.com
3 cdnjs.cloudflare.com untoldtea.com
cdnjs.cloudflare.com
2 biddr.brealtime.com player.aniview.com
2 hb.emxdgt.com player.aniview.com
2 secure.adnxs.com 2 redirects
2 k.p-n.io cdn.p-n.io
2 p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com
2 ag.innovid.com googleads.g.doubleclick.net
2 id.rlcdn.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 e.dlx.addthis.com 2 redirects
2 static.avantisvideo.com cdn.avantisvideo.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 cdn.p-n.io www.googletagmanager.com
cdn.p-n.io
1 sync.aniview.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 player.avplayer.com cdn.avantisvideo.com
1 play.aniview.com cdn.avantisvideo.com
1 stats.g.doubleclick.net www.google-analytics.com
1 rtb.openx.net googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 pixel.everesttech.net 1 redirects
1 cdn1.avantisvideo.com cdn.avantisvideo.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 region1.google-analytics.com www.googletagmanager.com
1 maxcdn.bootstrapcdn.com untoldtea.com
1 code.jquery.com untoldtea.com
1 use.fontawesome.com untoldtea.com
0 googlecm.hit.gemius.pl Failed googleads.g.doubleclick.net
221 51

This site contains links to these domains. Also see Links.

Domain
socialsnap.com
Subject Issuer Validity Valid
untoldtea.com
Cloudflare Inc ECC CA-3		 2022-07-05 -
2023-07-04		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2021-07-14 -
2022-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
pushlycdn.com
Amazon		 2022-02-14 -
2023-03-15		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.avantisvideo.com
Amazon		 2021-11-24 -
2022-12-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-07-18 -
2022-10-10		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.innovid.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-15 -
2023-04-15		 a year crt.sh
*.aniview.com
DigiCert SHA2 Secure Server CA		 2021-12-30 -
2023-01-03		 a year crt.sh
*.p-n.io
Amazon		 2022-01-10 -
2023-02-06		 a year crt.sh
outstreamedia.com
R3		 2022-07-17 -
2022-10-15		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.emxdgt.com
Amazon		 2022-06-02 -
2023-07-01		 a year crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2022-01-21 -
2023-02-22		 a year crt.sh

This page contains 29 frames:

Primary Page: https://untoldtea.com/
Frame ID: 1F3E25DB14850BD3AD9347C21FA33FF2
Requests: 97 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Frame ID: DE53D86B0B6DB1ACB9FA3A61041AF4B4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&adk=1812271804&adf=3025194257&lmt=1660157852&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funtoldtea.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852552&bpp=6&bdt=936&idt=146&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8690092849266&frm=20&pv=2&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Frame ID: 15EF45B1DC0A13D5BCE3870F43CF5578
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Frame ID: 470166D512B77DFDD2E683A239B839AF
Requests: 15 HTTP requests in this frame

Frame: https://cdn1.avantisvideo.com/connect/u_d.html
Frame ID: EAC9E882C88FB2E1330ED5964D3C7289
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 65EB06691D995593D364BCA8E5D1897E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Frame ID: 4C0DABB55EA5D3733C1AC46D99AC0F30
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Frame ID: DE4A9E41C4473759E775FC7A23D7425B
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Frame ID: D91201F10A225AC620D5574E533FD981
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Frame ID: 32B729099B72AE5FB2DA35A8C8B5E9B2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Frame ID: 02B1BA2506684D3033E7B28DDB6896C3
Requests: 10 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3DC5F128A3021652C072D8A04662ECD5
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 090176F04D31FB35C2F1B58C56C238DF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 4E5C6209D8B69F0161A972ADDF0767D9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: FC010066741A1C2C5712F8D8255B29D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6541B9FA5FC96656AE8ADB698C0303E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FB21A618A299F5B5C6D4CECC6102F923
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9864CBEBB0C09B9D6FE2F6F24B065059
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 9C403E9905583F31DCE66ACDE9056A96
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 0C0407937964198595A321EE03BB0E14
Requests: 2 HTTP requests in this frame

Frame: https://p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 21AAA03FFBF138A7CC2E5BDC14DE8092
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 29D51DBCA4CE0FDBB62A6E1A4C5D75AB
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Frame ID: 10ACBAA1DDB252E0B10437487494AC9A
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Frame ID: 1012653C6F51B0C4F02B8867E3288A8C
Requests: 1 HTTP requests in this frame

Frame: https://sync.aniview.com/cookiesyncendpoint?auid=1660157854875-935139784106-007292-010-005166&biddername=55&key=2251023957780120123
Frame ID: 050831A8D073B8F83446F8333A447213
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 72969B1CAC996B8673B90A4CE6B2B344
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B67EB639DC3B25EEAC22436882F08FA
Requests: 2 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 77734C570C5E7623B9987AA03D0B1E03
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E4C57F29E492CB7027C57EAB2171D81A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Untoldtea

Page URL History Show full URLs

  1. http://untoldtea.com/ HTTP 301
    https://untoldtea.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

221
Requests

94 %
HTTPS

57 %
IPv6

34
Domains

51
Subdomains

44
IPs

8
Countries

4289 kB
Transfer

8818 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://untoldtea.com/ HTTP 301
    https://untoldtea.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 77
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 99
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 118
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 120
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4A_G_TsCktNnRO0m3Ot5SMnn5n3Bb6o47N44ulo1fZEqxPBantBlgUJgmn2NsUwyXHYxCDGPnCkFHXMLf3ZeGisxYTn-iY&google_gid=CAESEBXXNwoD7gCkK4MPFCLuvxM&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZQLW5nQUFCRUpkbW1kdQ&google_push=AehlK4A_G_TsCktNnRO0m3Ot5SMnn5n3Bb6o47N44ulo1fZEqxPBantBlgUJgmn2NsUwyXHYxCDGPnCkFHXMLf3ZeGisxYTn-iY
Request Chain 121
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEAtF_hi2kgSP0QO2DXeXqfk&google_cver=1&google_push=AehlK4BqF3-AT8V7UACmCw9PPksmC3dwoXvz1hgZuQst0k4FkLhMSEfW7u99h4WZvKmnJA6TCDp9e_zRBP4x06Jt5RNoi9qMwIM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BqF3-AT8V7UACmCw9PPksmC3dwoXvz1hgZuQst0k4FkLhMSEfW7u99h4WZvKmnJA6TCDp9e_zRBP4x06Jt5RNoi9qMwIM&google_hm=Q0FFU0VBdEZfaGkya2dTUDBRTzJEWGVYcWZr
Request Chain 122
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BwovlD3hyj-phYMZC2gtJgJ65UkKVWUgtuaV1fYoVN1tO6TTiEweXvoFl-qpagXZusyaLC4t-SHeFgbda5nOM2U-Ca-sE&google_gid=CAESEAzCumgzjUHVOuZVNRE4M08&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BwovlD3hyj-phYMZC2gtJgJ65UkKVWUgtuaV1fYoVN1tO6TTiEweXvoFl-qpagXZusyaLC4t-SHeFgbda5nOM2U-Ca-sE&google_gid=CAESEAzCumgzjUHVOuZVNRE4M08&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxODU3MzQwMDA4NTM4ODc3MTAzOA%3D%3D&google_push=AehlK4BwovlD3hyj-phYMZC2gtJgJ65UkKVWUgtuaV1fYoVN1tO6TTiEweXvoFl-qpagXZusyaLC4t-SHeFgbda5nOM2U-Ca-sE
Request Chain 124
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOS8XS0FPr43XEE4QjPdWyc&google_cver=1&google_push=AehlK4A7i9x5Odvb2IJSyRgYtk88CqF3IIpC-cZLB15uJS4gJFZN75Nl9U8GsGYs3Syt1C8FOT-nVWzXFPTbWXMPRZYvlLzv40c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFRlEtVC01UUlV&google_push=AehlK4A7i9x5Odvb2IJSyRgYtk88CqF3IIpC-cZLB15uJS4gJFZN75Nl9U8GsGYs3Syt1C8FOT-nVWzXFPTbWXMPRZYvlLzv40c
Request Chain 125
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_cver=1&google_push=AehlK4AWVM2yFZ1bEbNWCDx4smpqEGWoe6cXHmq13G0hHq2_XBW9XI3XxWRrP5URcKw3e89dYwyEEOTS421FMCwbA3NWTLkuN-g HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_push=AehlK4AWVM2yFZ1bEbNWCDx4smpqEGWoe6cXHmq13G0hHq2_XBW9XI3XxWRrP5URcKw3e89dYwyEEOTS421FMCwbA3NWTLkuN-g&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4AWVM2yFZ1bEbNWCDx4smpqEGWoe6cXHmq13G0hHq2_XBW9XI3XxWRrP5URcKw3e89dYwyEEOTS421FMCwbA3NWTLkuN-g
Request Chain 138
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPv9L5EBDLAhjLAjIIO3y6dLyECcw HTTP 301
  • https://tpc.googlesyndication.com/simgad/8341226500854338885
Request Chain 155
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJWbeD56tXWi2SjnzfOakWE&google_cver=1&google_push=AehlK4CDCMIeGQGj0HXzRHxjRMQD5GgtfELMm6Hb4lj4NTuyPQzcZaF5ByTtEPVtSqfC5h2nHPRmkAGWNpL4luh1XuM-3P0XJxA HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4CDCMIeGQGj0HXzRHxjRMQD5GgtfELMm6Hb4lj4NTuyPQzcZaF5ByTtEPVtSqfC5h2nHPRmkAGWNpL4luh1XuM-3P0XJxA&google_hm=fuji1-a9HOvD6ZG7g_PbPQ
Request Chain 159
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOS8XS0FPr43XEE4QjPdWyc&google_cver=1&google_push=AehlK4AITUocKHbbqhYAQrLSqVhvBHjPSchM8f2kJjs8FAfMBKiz2qFUumh7WRJ5e76tyI6dC4tJxH2naJnd1QFEuGF-zPxN-i4 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFTEotMTUtMlA3Ng==&google_push=AehlK4AITUocKHbbqhYAQrLSqVhvBHjPSchM8f2kJjs8FAfMBKiz2qFUumh7WRJ5e76tyI6dC4tJxH2naJnd1QFEuGF-zPxN-i4
Request Chain 160
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_cver=1&google_push=AehlK4D9hRMHUfKzi8E1wPvz6Sc2MuqtH5erBUq0JfUTMOLQw_0VAZksOiglqJIkr4aYVQMFW9Iv7hhDY5oIQxuxVHS9mFFqN4o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4D9hRMHUfKzi8E1wPvz6Sc2MuqtH5erBUq0JfUTMOLQw_0VAZksOiglqJIkr4aYVQMFW9Iv7hhDY5oIQxuxVHS9mFFqN4o
Request Chain 170
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJWbeD56tXWi2SjnzfOakWE&google_cver=1&google_push=AehlK4AJ6PGvbIPVnygmyznPCY0iO1O5wn1vM0XWzYw1kbeescYGZ2GjBqgenr6Mj20N49zZ1hsUBTPlN8uxTaf9BDYGvQ8SPmE0DACJyTBjOIsUQcU7cORKUpJB_WfEwcbHH8i3EVnE55oeoi3A2SCrcg HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4AJ6PGvbIPVnygmyznPCY0iO1O5wn1vM0XWzYw1kbeescYGZ2GjBqgenr6Mj20N49zZ1hsUBTPlN8uxTaf9BDYGvQ8SPmE0DACJyTBjOIsUQcU7cORKUpJB_WfEwcbHH8i3EVnE55oeoi3A2SCrcg&google_hm=fuji1-a9HOvD6ZG7g_PbPQ
Request Chain 173
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOS8XS0FPr43XEE4QjPdWyc&google_cver=1&google_push=AehlK4AMfSMRam0ot6Zlyo1qQRLRIrQPl8NCSRj2dd65PzU73kSXGN6UpJrS_lHEyFQpzj9k3_4jqju4JoIzE1Y9Q0lVAc5Orj0GgP_oNWrAU0tTUfICewaeiRkrCJDqGYVVDt_sJYNkSC9zh2Wi7s1a8Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFTkstMjgtQVRZSg==&google_push=AehlK4AMfSMRam0ot6Zlyo1qQRLRIrQPl8NCSRj2dd65PzU73kSXGN6UpJrS_lHEyFQpzj9k3_4jqju4JoIzE1Y9Q0lVAc5Orj0GgP_oNWrAU0tTUfICewaeiRkrCJDqGYVVDt_sJYNkSC9zh2Wi7s1a8Q
Request Chain 174
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_cver=1&google_push=AehlK4B5_zHOoy4Q04URdt4teJuJQahqdsEf_KoNIAG4t39nywWO9EiDyW_rJa4IfFjvBTtunGUDlwmSgyOtoCqju0TO_q4F4ywF7rwoqsuJz277C3pwVDJnoftLaajU7A9Wu60gyR156I4xDbfqxw3QFk8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4B5_zHOoy4Q04URdt4teJuJQahqdsEf_KoNIAG4t39nywWO9EiDyW_rJa4IfFjvBTtunGUDlwmSgyOtoCqju0TO_q4F4ywF7rwoqsuJz277C3pwVDJnoftLaajU7A9Wu60gyR156I4xDbfqxw3QFk8
Request Chain 178
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 196
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660157854875-935139784106-007292-010-005166%26biddername%3D55%26key%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1660157854875-935139784106-007292-010-005166%2526biddername%253D55%2526key%253D%2524UID HTTP 302
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660157854875-935139784106-007292-010-005166&biddername=55&key=2251023957780120123

221 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
untoldtea.com/
Redirect Chain
  • http://untoldtea.com/
  • https://untoldtea.com/
84 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
896e4d89ac5b24a26055d5cb2729cccf1c6aa3272eb7855b409461fef56991df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
738af5296c7490dc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:57:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
ki-cache-type
None
ki-cf-cache-status
BYPASS
ki-edge
v=17.7
link
<https://untoldtea.com/wp-json/>; rel="https://api.w.org/", <https://untoldtea.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://untoldtea.com/>; rel=shortlink
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2B28hbFdrhXDfuOBMHWfhaNb3Sk3yJnuuIXs2G5gOug3CgfxmPpbGp1QB1i4GZeA84PXxNfCekO%2BikKwcE20gLKuYxr2J4LgEjvigwoTFlQ27MGK%2BHvS%2Bk8bnrvZqulP8aM8CMTVz6zF%2FqA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-edge-location-klb
1
x-kinsta-cache
HIT

Redirect headers

CF-Cache-Status
DYNAMIC
CF-Ray
738af5276d246937-FRA
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Wed, 10 Aug 2022 18:57:31 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Ki-CF-Cache-Status
BYPASS
Location
https://untoldtea.com/
NEL
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
Pragma
no-cache
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iapCTiirFZQ5BVmEbIL95U4RkM%2FS9bH9Y5v2hx9TQgMp%2Ft%2BCSImaoiLc01JLYF8oM1pUiF7TKxzBsnx8UokpCn2uDeEin%2BWIhNGkSXLjWFxHkj7ahLKbVajsCS0qxHEQ%2FgnFRXfB9M7BxZE%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Edge-Location-Klb
1
X-Kinsta-Cache
HIT
X-Redirect-By
WordPress
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cache-type
None
ki-edge
v=17.7
main.bundle.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 		143 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/main.bundle.min.css?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2fad7a0d8b919e9de69ae754cccb5644fb41e2f34664bc33999777fc4a4e3fc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,05f633772b5dd5612ecc438bbaba88c51ced66e2d0af920e82671d67527bde25
cf-cache-status
HIT
ki-edge
v=17.7
age
86094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Mon, 15 Nov 2021 14:14:48 GMT
server
cloudflare
etag
W/"61926b58-23d8f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J3qig%2FSzRoQjfiqX3L4MXfqV0YSTqXdKousTP8wty3LpEzYe4ug%2BcVb86FXlQIzYFBfjbuWXkWD65MEZ%2Bqn%2FMqnGbDwk5iHGCckYUhfMWytl9I6%2F6rNJ4zo16mPUZWnusNmNUi47l0YoNuY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52ca89e90dc-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
main.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/minified/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/minified/main.min.css?ver=3.4.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1050861291360164827a3ca6086d3c7db90dff9cc1791a5989d2a7263dd14444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1ead8f179b35d41d49a7ab4218039f8e1b29f4d1272ffc0ee2725e529bc2a9db
cf-cache-status
HIT
ki-edge
v=17.7
age
86094
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Wed, 12 May 2021 10:34:35 GMT
server
cloudflare
etag
W/"609baf3b-e390"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZ2Rd1j2nXQ3iF9JcOyuONanSSMDTWcHATBUrAaA2L%2Bt070uw8PZwsnApWbl%2FRC6FB7Zl9gvy%2BpLzclVPLQSXsSOK2iipABuBbxmJBN%2Fk5wQEfa%2F5Lrfdeq1qleVVwbzvtyXGLYQMnCAWiw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52ca8a390dc-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
wp-emoji-release.min.js
untoldtea.com/wp-includes/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-includes/js/wp-emoji-release.min.js?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f28df1f795cd5542544741ff7fa03d01e20c4be2f7b6024a1ada0f1bc5767977
cf-cache-status
HIT
ki-edge
v=17.7
age
231849
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 21:45:10 GMT
server
cloudflare
etag
W/"62bb7666-48b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gE3cgN0QlmLDF8WeT3ydAecoJBtvfx4GScw1e%2BbkmrXad9BTgypVQcGeX86CsJyMNWbo9tAO%2BeXSQ0hlnFlrDtO%2FAx4KnAZ62%2BItRTbG8rJJiR2oIT8Dv7K9jC8qUjMkxvCCUSP4yIUgvZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52cea9c923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
style.min.css
untoldtea.com/wp-includes/css/dist/block-library/ 		87 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-includes/css/dist/block-library/style.min.css?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f61582a2b1b639c470a0f44fc7542837a98a6e15ce733caec532f156972875b1
cf-cache-status
HIT
ki-edge
v=17.7
age
231849
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 12 Jul 2022 17:55:44 GMT
server
cloudflare
etag
W/"62cdb5a0-15b64"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBRRAlyDYTaray%2BUwTaTpvTTEgD7mPGf7ePQ16YbL1xK%2BTD9tlNlInERTVvwRdTuYfcmFIauNqUlFSbk%2B4CvUEkUVg6ckV4LHPif6jOCfG6wRsGrBJhUjM840OPE%2BXhzq21agYSYLza2QMs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52d4b2c923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
adsforwp-front.min.css
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/css/adsforwp-front.min.css?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,858cebec5dd8f760124cb5db85851b7b32b621f215f4eebb5339d250f642a489
cf-cache-status
HIT
ki-edge
v=17.7
age
231849
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-4c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aa%2Brrp5ktjgLbEiUtoviRtAiYVct4YqISTFHxAI0TGnj6t574%2BsB2yYjWel6cocFgJZZvwnUrSnZWPFhKf82SNnALR8nKnHMQGsMS4HVSC0sYvFLZYMZ6enEkFgVEWctC0ozZ7yiMTs393Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52d4b2f923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
categoryimage-public.css
untoldtea.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/post-category-image-with-grid-and-slider/assets/css/categoryimage-public.css?ver=1.4.6
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
925b9584bd4a9328e5a11c4a4f9791d9f1274eb3a61fd20bcbbe1c6a37c72860
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,3d4e1cf646173b5aeff52b1c74ecada83bcc74cd647f02d954656baf43b7f63c
cf-cache-status
HIT
ki-edge
v=17.7
age
231850
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Mon, 25 Apr 2022 07:51:38 GMT
server
cloudflare
etag
W/"6266530a-1a27"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5rjBb811ksGbN9YqyirsuU7Re2E67fKt68x9BPbT3A6559kA8vNTY47QNlaAmj8tNR%2FnK1WP%2B3ldu7aRQvSU72gFqAEgRDg3OK4jF1FcyNPJnPGlrrQJ5RaP%2BaJzkSAkLxNt5mrqvv11O4I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52d4b30923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
socialsnap.css
untoldtea.com/wp-content/plugins/socialsnap/assets/css/ 		67 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/socialsnap/assets/css/socialsnap.css?ver=1.1.17
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,64ae08eed5f0c9220c566d00957d272c99d2f84667299c4031f47da0023ef915
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,64ae08eed5f0c9220c566d00957d272c99d2f84667299c4031f47da0023ef915
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Mon, 25 Apr 2022 07:51:45 GMT
server
cloudflare
etag
W/"62665311-10bfa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wox5Crj0Z7bnsNsFZecwn%2F9gliyFk9em72Al%2BkC%2B2D%2FW9LJW%2FDO5hWhDhp3cYx1r4qX9PFwiViW0BbxzXGvTSSFgL6GGfWPedvBYY11py2L7eb7z4npaUwKNMA4fK5OQHsDR4Jza9zJm33U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
738af52d4b31923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Sat, 07 Aug 2032 18:57:32 GMT
ivory-search.min.css
untoldtea.com/wp-content/plugins/add-search-to-menu/public/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/add-search-to-menu/public/css/ivory-search.min.css?ver=5.4.7
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1c7b4d545f5a3177640e82aa95a95622b793910e47b783fda1f201d8ba76e37e
cf-cache-status
HIT
ki-edge
v=17.7
age
231850
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 28 Jun 2022 21:01:11 GMT
server
cloudflare
etag
W/"62bb6c17-1a9b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c3lXD4fN8igaBD2Zx0dtYTSkQGh9yvOJbh1RGBEAisRyFLLWFT8a%2F3YDoUhl%2Bp%2Fd3QgOl90R2RD88INYoL%2B0hbUZQRXBvFdjWaOk8VMSjDIeTFirqtP0xdCPFleV1TMTuXMTZB0SykLj3bo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52d4b33923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
jquery.min.js
untoldtea.com/wp-includes/js/jquery/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,e2e1f402504984a65844a4d022b901e5279d478e0a7f4a1615f1194b8466cfda
cf-cache-status
HIT
ki-edge
v=17.7
age
231849
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Tue, 20 Jul 2021 19:52:55 GMT
server
cloudflare
etag
W/"60f72997-15db1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2Nqsl8uVtoXo9Pk5vo4PIVOAMufyyfnOjNj0TEfcPiGXrVNF4FELpnWngt1kaSVSZVtosfpY6uBxK%2FkwcXmT7pYa6PQZSjS%2F%2BGHwnjliefnWYo3k6sFH1zoNy26myL6ae8ejOPvvB6eFGw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52d4b35923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
jquery-migrate.min.js
untoldtea.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,31678bfcef2c6b570815652d5caed0bda5656d4e4a8119349cd75122ae6477a2
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,31678bfcef2c6b570815652d5caed0bda5656d4e4a8119349cd75122ae6477a2
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Fri, 07 May 2021 09:11:45 GMT
server
cloudflare
etag
W/"60950451-2bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0TqKy6hSD4LysicLsmNq3npfV86cBwPUBwudsBbCH7EUJpye3UeC8HEttCZOYO0rto71SVwiBwBSI12ZDK4x%2BCckPWqW5iYqwfxFlcjKXSdgbLrWgTwSM73w2zctPshsqdfhHFs36Hg6AFg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
738af52d5b37923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Sat, 07 Aug 2032 18:57:32 GMT
custom.js
untoldtea.com/wp-content/themes/astra-child/assets/js/ 		997 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/custom.js?ver=6.0.1
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1bde9723707120c185a30d2e857a8a02a71fa16b6a78b9e6e84121aa4be000e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1a322c28409d7bfb5d7e38586325ab61f985389a21067672f9ae6ed96f301d9c
cf-cache-status
HIT
ki-edge
v=17.7
age
231850
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Wed, 15 Sep 2021 10:32:05 GMT
server
cloudflare
etag
W/"6141cba5-3e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2o1LhN0%2BF3aWR2ZMh%2BwFijCdW7EwglOKzK6FPzwv3YTNgS59EDIkIh4zvGo1slKl1DhIFhD5Z46Uy6j5V%2F%2B3EFTZfSlN3cBFHx4ZXIoKPkfQS46GJs4hREH6aJPY6v45E2m4ohwQQOI%2FP9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52d5b3d923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
bootstrap.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/bootstrap.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,9e44f164abcbc7045b7cfd0aa6cc0d0c7f9c86cfc10092cf5a2617c6d0e80743
cf-cache-status
HIT
ki-edge
v=17.7
age
79971
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Wed, 12 May 2021 11:27:26 GMT
server
cloudflare
etag
W/"609bbb9e-235ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGXgQAdh2aELOD7ZXsrJc%2Fk4aQ8Tg7du1XX3GL2uNqGgfNr1ZXVZ4wXsFfTAbVznrVUs6iNm4uXfMVmHXbF%2BuseQm0ORQd7TmPFJhXzwut0Hrk2x76D2U4FBj%2B80XwZ2T34vyg2ZBWQRnQA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52d5b41923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
owl.carousel.min.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/owl.carousel.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ec999bfb734be1a3d178a80faeada18acab3e877a49068cb0f6756271bfe462c
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ec999bfb734be1a3d178a80faeada18acab3e877a49068cb0f6756271bfe462c
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 18 May 2021 14:03:06 GMT
server
cloudflare
etag
W/"60a3c91a-b78"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w9Dahrb2OILtxtl7K2d76CvaFqz9IFnf%2B1AfXDI68cTl2cPrN95X8sgKRDBwOP%2BguKWMpMiIlkW9atYi8dKJ1cnvysUXcPQb4EmpryihQTeZ3nZJ5dMjbksf5GEdeoasO3pVjjynUyjKGss%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
738af52d5b45923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Sat, 07 Aug 2032 18:57:32 GMT
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:3f36 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
109992
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id
TR0KXD2F013GJEEX
x-amz-id-2
wOLkeCByN+PuDVKVs/iv3RNrVms5ZTQGL0eETcwMbAsh5IIIF84cCkNpdm9alHQof6Vg8UNQUU0=
last-modified
Wed, 30 Jun 2021 15:46:39 GMT
server
cloudflare
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EYGFjJeW%2FZ51M9MdL%2BBg9hFKKoKh1soUCEgoIJ58Nv3%2FZ8O4FcLjVol6i8UzhnRm98uqfZ7CX%2Bdl1g9SwL908kxjZcJ5BMq9hmcS84Sdsat1gJ14y8p9PyQzG%2FkdAsKFsgfnBDyvIrWLdyQ0x4IE%2FqC"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
738af52d8f899110-FRA
custom.css
untoldtea.com/wp-content/themes/astra-child/assets/css/ 		35 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59447f4df0ba3b68e2ac9fbc2b29bb1836a9d686f35dbc8ae6ff21ff80a971fa
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:31 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,621debf2442dfaa9a69145e9abbdb287eb3bacaa921229b0011bf1518f30f8b3
cf-cache-status
HIT
ki-edge
v=17.7
age
231849
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Fri, 17 Dec 2021 11:18:55 GMT
server
cloudflare
etag
W/"61bc721f-8a45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cq4SF9N6Shm9%2B97YDoxaAzwvc3ATs6SUEfT1BMdHygPMu7mSbW6hWWDyk980QXkunMhhExDew1qIRMGpRJqUJaDbCFe2L3NeSejHrNgYkNIwXnXmQlfMKjDyVXDLWRIy8gaAVDNUlHSMOOM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af52d5b46923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:31 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ba3648c632bb816e323681540d25397c5a9bae8d6b0f2655d1cd17a580deadff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51567
x-xss-protection
0
server
cafe
etag
16163055714275174951
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 18:57:32 GMT
untoldtea-logo.png
untoldtea.com/wp-content/uploads/2021/08/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2021/08/untoldtea-logo.png
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41047c2e405e4a81db54ad12b94fcf1af427192f1dc192a3af2d6461fb197217
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,6d4d005f1a402c97f6e496a59743a471af98785c872ad7b7d7650001a79970f3
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,6d4d005f1a402c97f6e496a59743a471af98785c872ad7b7d7650001a79970f3
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
11421
ki-cf-cache-status
SAVING
last-modified
Tue, 10 Aug 2021 07:06:55 GMT
server
cloudflare
etag
"6112258f-2c9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AAKUWfi9FMFxwcqWTiUC5RPBd%2FRVY1blmhPEc2FvvwmEP%2FhHZf0EtieXhFKis%2FUFeG1qozVmW6IdoD1vFcX7VNYToP%2BLXSupWVM6l4ckWuZ36briVxdfrhalHyvpv7GJ0K4YIC%2FhVLz%2Br%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af53198c2923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.js
untoldtea.com/wp-content/themes/astra-child/assets/js/minified/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/minified/frontend.min.js?ver=3.4.2
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2ab367a4a8f768121fb5441a3bfb48eddcb4c01192955a39f25cd1e415b7010
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,26e7cae73712c46b3f0664c6048328284329f1eb2ba2fb9739dcca23d422e2d9
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,26e7cae73712c46b3f0664c6048328284329f1eb2ba2fb9739dcca23d422e2d9
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Wed, 12 May 2021 10:34:35 GMT
server
cloudflare
etag
W/"609baf3b-41bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlKuQOYMckbeB0aPdF28lFUs7nKANQZKlzY%2Fjv9H6Ot5t0dCCoAWsGz2QNPVv%2B4QsVWSK8eKIEdNymPj%2FmOnzu29dWIyq09ouhh528XaqUYAhbq7Gb2M6oVuRik0%2Fj%2Bagm%2BBKDUXAzho1mY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
738af5308f3c923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Sat, 07 Aug 2032 18:57:32 GMT
ads-front.min.js
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-front.min.js?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,922de2af9c8029c9d96c473245f39ddcc89aea711ee6bc0b0065e0a6496eeeaa
cf-cache-status
HIT
ki-edge
v=17.7
age
231850
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
HIT
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-1dd6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FbgZ3hWW3zKeqrQ1g8pds2b0IK5UBB3c8qp08azts82TOoMPFYIBaxPhNxmD80P6In%2Bzr79LWTTQ9vkqIcmnt8LfkyF5LJOCD0UxO0DJKDVfqTGJv2iBZNc6KXwMgL32xjBLhStnW4t6nA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
ki-cache-type
CDN
cf-ray
738af5311807923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:32 GMT
ads-frontend.min.js
untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/ads-for-wp/public/assets/js/ads-frontend.min.js?ver=1.9.21
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,bfe694c76e7f83112fb856b4b8f26da2532f9fa67b3f6a9fc1863e27b12f22bb
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,bfe694c76e7f83112fb856b4b8f26da2532f9fa67b3f6a9fc1863e27b12f22bb
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Fri, 15 Jul 2022 07:01:10 GMT
server
cloudflare
etag
W/"62d110b6-427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=La0jdAXM7rm0UdhpIu2pehEwCo6nJctw25Lgo7Obyx1EPYMst43HnCrCI0vtl88wR6Fwwm8zpqLA6sG1Hcns331oGYLFAkgmdyF5dCNYR1bMUiKUPL6eJfnpL3feLQdO%2FQhEA%2BXvTr%2FXmLU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
738af53198b6923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Sat, 07 Aug 2032 18:57:32 GMT
socialsnap.js
untoldtea.com/wp-content/plugins/socialsnap/assets/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/socialsnap/assets/js/socialsnap.js?ver=1.1.17
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
92c4f926de2397eb436550ea57ef9c8b4fdef260363b76ca8d190ee6dbaaa332
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,15c0ce2fb3715118240f9f39824db71e1bb7f579293d669e69f5fd9a653eaa5e
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,15c0ce2fb3715118240f9f39824db71e1bb7f579293d669e69f5fd9a653eaa5e
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Mon, 25 Apr 2022 07:51:45 GMT
server
cloudflare
etag
W/"62665311-3239"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qgUZSOebZiSeIcwthjNfJoQWnjlJNMH%2Fs6HA7ogr5vY6wWFuSClT8jIs6oxJVHqr3SPzHb0lWloyHHSMkHdyjUvm4shwqogdVkJAecOVxg8vB04c5bOCkX5VzVAyZ82Z%2BlC5Fb%2FeBSrEA3k%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
738af53198b8923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Sat, 07 Aug 2032 18:57:32 GMT
core.js
cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/ 		232 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/core-js/2.4.1/core.js?ver=1.0.0
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
603036
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42723
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:09:17 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e2d-3a1e2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xMnzfWZLK0I97Buj6oNpyFAGViE7xwScQYYjkBDOtCLXqPzrp90pOjqm4qKa9wf7IUVPT%2BlUaeehwDusvqzRWEcnkEnXLdQ4JleCso6%2BjKAg0tY5iA5%2FV8OLWJQCWb3Y1A5woDdVfI%2BAtHMZrlq8%2BpO6"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738af531b9039b9e-FRA
expires
Mon, 31 Jul 2023 18:57:32 GMT
ivory-search.min.js
untoldtea.com/wp-content/plugins/add-search-to-menu/public/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/plugins/add-search-to-menu/public/js/ivory-search.min.js?ver=5.4.7
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1e21cc8327db2e06733fe3f314b06dfdd5354f41e9e1ea7f1b6e392367053d66
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,1e21cc8327db2e06733fe3f314b06dfdd5354f41e9e1ea7f1b6e392367053d66
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 28 Jun 2022 21:01:11 GMT
server
cloudflare
etag
W/"62bb6c17-11ef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZbabeCpy4a%2FVlqXVsrIGVOfaPWpksbYgd8ZI2N6SMX1LFFwpzJie52PKXEsJYh6gy%2B%2FpkQfUYRMNVx%2FaZuZFFdT7uHZEVdiwbEKkvQEMD%2FwU8r8cvzKQDMcuPpbQGPGoRS8PE29Y0U5SaY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
738af53198bd923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Sat, 07 Aug 2032 18:57:32 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1660157852.dop159.fr8.t,1660157852.cds161.fr8.hn,1660157852.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
owl.carousel.min.js
untoldtea.com/wp-content/themes/astra-child/assets/js/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/assets/js/owl.carousel.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,8e385b6a64b4536a8cf3e7b2752fb12c72431b4faa2a98163a798ebe4e0382ee
cf-cache-status
MISS
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,8e385b6a64b4536a8cf3e7b2752fb12c72431b4faa2a98163a798ebe4e0382ee
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
ki-cf-cache-status
SAVING
last-modified
Tue, 18 May 2021 14:03:35 GMT
server
cloudflare
etag
W/"60a3c937-a70e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3G9mlIq6Z%2BwR6ivAan768QpOWyVVazVCqVwm6Ls6VyzWpl7edeGqRmhkjPfjXkHZDEANjZPmMILXDq%2BCy4SE6f13ux4ynYnGMM%2BrtqfoHUZMp67WlC3W%2BAZnUkbkggTGfgDL0RrIAw%2BMVs%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
cf-ray
738af53198bf923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Sat, 07 Aug 2032 18:57:32 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
cdn-edgestorageid
860
access-control-allow-origin
*
cdn-cachedat
03/10/2022 17:24:53
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver
1.02
timing-allow-origin
*
last-modified
Mon, 25 Jan 2021 22:04:04 GMT
server
cloudflare
cdn-requestpullcode
200
etag
W/"14d449eb8876fa55e1ef3c2cc52b0c17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
cdn-cache
HIT
vary
Accept-Encoding
cache-control
public, max-age=31919000
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid
001e3a56a39766058b7dc1ccf3106fc9
cf-ray
738af531dc476949-FRA
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
css2
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 17:00:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 18:57:32 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 18:57:32 GMT
all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/ 		57 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/wp-content/themes/astra-child/assets/css/custom.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1968440
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10301
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-e4d2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kjt%2FA5jE3h1tK78uJRdnD5jxele6geByFf1DQG9pql%2BJOWziSAxJmrBc5%2FWHgRWMCmvBXuGHhoWTJ77x8FfUH1tIAfmUIeKy2EkANbA1My92kbzPVtdCWYjDY%2Fuxc5zmlEnm%2FCmInSMubL8uOnK%2BIKhV"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738af5315d309090-FRA
expires
Mon, 31 Jul 2023 18:57:32 GMT
gtm.js
www.googletagmanager.com/ 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c410269a4fbd77addf6b06836154aaf1255d6f603c31432e07db1c071edec097
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43153
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 18:38:11 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Aug 2022 18:57:32 GMT
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 		25 KB
25 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Mon, 08 Aug 2022 21:18:53 GMT
x-content-type-options
nosniff
age
164319
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25372
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:24:05 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 08 Aug 2023 21:18:53 GMT
fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/webfonts/fa-brands-400.woff2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.13.0/css/all.min.css
Origin
https://untoldtea.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
76612
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:10:08 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e60-12b44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yAaKgYKVeX%2BZNRtVp%2Bmd1CpWj7AyBJtfUrkBNuJ4F%2BiUdfYDXkpOH%2FsNkXZtBRwzcTjVPbeQF8i32uAhIM9gEbp63n2AhfLh0oiwiKKwsQRW1U3H4t9E6WXfW3M7EKBGZiC8aoWYaM6j%2Bbm%2FOnGQ6jED"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
738af531dc28bb80-FRA
expires
Mon, 31 Jul 2023 18:57:32 GMT
Breaking-Bad-Where-Are-They-Now-1024x682.jpg
untoldtea.com/wp-content/uploads/2022/05/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Breaking-Bad-Where-Are-They-Now-1024x682.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02485b5002931bad58070200b2d4840be5417300e68f7b56fcd8df5e89fbdb98
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f53dfeb1075d1974c440f135691dc6e65bf12d00fc6223365bbb70b125a004b1
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f53dfeb1075d1974c440f135691dc6e65bf12d00fc6223365bbb70b125a004b1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
78052
ki-cf-cache-status
SAVING
last-modified
Thu, 19 May 2022 20:44:56 GMT
server
cloudflare
etag
"6286ac48-130e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OwwVaeyN9V%2BpBdw7CHxoPSWuoS7nr9VL%2FpC8iBxUAn8GI74%2FnfJmNz%2BpY2i2%2FXNZR0%2FedILal7cDUfIaWbTeX9xL022osU%2B13%2FumJwzMFxNBX2C%2F64H%2Fa3x5NajuqbYl4mTLtfo0ahwSxRE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af5320955923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Celebrity-MothersDays-2.jpg
untoldtea.com/wp-content/uploads/2022/05/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Celebrity-MothersDays-2.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7528e02359e1b7be3fc4ab11fb535bad3ae0517811fd2dcb4b1a640b99eef509
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,10c78d878de062f31b055c07ac57c0a8d2d2a9004c5cbe6d60b738c210941c6d
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,10c78d878de062f31b055c07ac57c0a8d2d2a9004c5cbe6d60b738c210941c6d
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49783
ki-cf-cache-status
SAVING
last-modified
Thu, 12 May 2022 16:07:09 GMT
server
cloudflare
etag
"627d30ad-c277"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nj%2FqBefOYCllll1RpTpyBDLYTRYoaL4IE12WQhLCtzZAgqj0RFLTekhQOKCgqVcMQ%2FoHXOhyPLuP01SO35n3DOYTlXRYL22NsGzlDloBaEgV3%2BAab5o27qz5QQqizCVobf%2FzAak3RdsFE%2FI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af5320958923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Jean-Claude-Martial-Arts.jpg
untoldtea.com/wp-content/uploads/2022/05/ 		110 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/05/Jean-Claude-Martial-Arts.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ac95966b650e8965bf7c8073300b44b8fdb2577d74032e51f89ab2ab7eaeac
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ba5fd9b2bb5d156680e6adcebfda8f007191f4796b11772e8e6657905bfa9b2b
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,ba5fd9b2bb5d156680e6adcebfda8f007191f4796b11772e8e6657905bfa9b2b
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
113047
ki-cf-cache-status
SAVING
last-modified
Wed, 04 May 2022 22:47:58 GMT
server
cloudflare
etag
"6273029e-1b997"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=20TJWU1ym%2FJJ9LwUVzB%2Be66EJElrZK%2BFiFSYg6RQxiWse4yll0FztEr4m%2B2vKc%2BSd3YozM7YG1pkhlGxP6gHKve8RQuofmXCclbzPtvLeRkFETGd6LjK4kkD8QiajVPAoZ0QQXkppuQ8R3Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af5320959923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Squid-Games-S2-2-1024x576.jpg
untoldtea.com/wp-content/uploads/2022/04/ 		133 KB
134 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/04/Squid-Games-S2-2-1024x576.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8886097d7db5d7039926bca67738c05ecb2f56dc915bf38ab14284b62c5f7374
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,7c0bcce25a0d0fbab5f9d6c693327424f5ba4afc237e067b1879208cff9ee550
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,7c0bcce25a0d0fbab5f9d6c693327424f5ba4afc237e067b1879208cff9ee550
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
136153
ki-cf-cache-status
SAVING
last-modified
Fri, 08 Apr 2022 15:23:11 GMT
server
cloudflare
etag
"6250535f-213d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhXlGmrNEUZEtovVu1zKSgWgyehCwvLmKNvDw%2FklkbLBf6PJ50aytLYZqCV9fJ2PzpSgz3MBOj%2BdkwjSS%2BX%2BV7p4SXBKl8gqxSsPQD5ErsVWsKE%2FJ9onzveyAIgwHrSFksp5dAKUF46gobw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af532095b923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Will_Smith_Chris_Rock_Slap-1024x682.jpg
untoldtea.com/wp-content/uploads/2022/03/ 		91 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/03/Will_Smith_Chris_Rock_Slap-1024x682.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac04eeafb37af7a83cf04b1140084bccf6b1a7f0945dcc6991e72e177a8cda40
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,99b01799dc302f7b34b2c9354517c028ec3f8f327fa1260ef19fa5b236d95c88
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,99b01799dc302f7b34b2c9354517c028ec3f8f327fa1260ef19fa5b236d95c88
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
92844
ki-cf-cache-status
SAVING
last-modified
Wed, 30 Mar 2022 15:14:34 GMT
server
cloudflare
etag
"624473da-16aac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LshUmP%2Fb95tYDchBD2zs08%2B82AAB2tAP6BK0R%2F45OUig6doxZaAiLL92yVYx19YnvcFvPo7Mglhf0S2%2FtdvdGbffpwoj%2FVTDEZj7OjYoIaBeCbxHN%2Ff0f1ppmtuOhqBe6AO%2FET%2Bzja3kco0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af532095c923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
Mickey_Rourke-1024x1024.jpg
untoldtea.com/wp-content/uploads/2022/03/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/03/Mickey_Rourke-1024x1024.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f43e1900b996638dcb8c823b8d34f0c15b64b6466daa544779373475688bce47
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f56f9e900dacbe291d8dc1412a22c0477d29d209573d533c6bd5e72baab257c0
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,f56f9e900dacbe291d8dc1412a22c0477d29d209573d533c6bd5e72baab257c0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
167531
ki-cf-cache-status
SAVING
last-modified
Fri, 25 Mar 2022 15:26:31 GMT
server
cloudflare
etag
"623ddf27-28e6b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mk9PW1u6%2BxN79v5MmtW%2B%2FdWWIoQy37%2F%2FvnzimXJocq8inwN2FTxXGEKGZ%2F2UAdftTkByuISWKgyEHVTq0DuMseNO2b4u0NGj%2BkMr01ExTZUHm6Lp1Q%2FTxHKosxpbpPfSwut1gZs6TdtkURM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af532095e923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
featured-and-starter1.jpg
untoldtea.com/wp-content/uploads/2021/05/ 		47 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2021/05/featured-and-starter1.jpg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3f23350801bfb77e60e7d8a2ac6e4be42ff80de8058ec36a1a05872260efe6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,42fade2813976c2b9e7985e27def55b8797b41be24ff28b8350dc365d3349e80
cf-cache-status
HIT
ki-edge
v=17.7
age
231849
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
48489
ki-cf-cache-status
HIT
last-modified
Tue, 18 May 2021 18:29:21 GMT
server
cloudflare
etag
"60a40781-bd69"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aFVrknxhH1QNeXSuGHKQhwH2g%2BZuv6T%2Fcm6qz6kLs%2B6LIoKx94ET3q%2BqOQxKKNTQtxnHLmdXJfmXo%2Fcj%2BSYzr3flbc3LzbBy4mEpIodl3gdM%2FfN59Rkc47hMxUsmZW1QO978YUBgcTEYoSA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af5320961923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 10 Aug 2023 18:57:32 GMT
js
www.googletagmanager.com/gtag/ 		197 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M28037773M&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
98b9f3c43e7113fc174844b48fe8fb299c32fd2232b6e92306648071883ff96a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72327
x-xss-protection
0
expires
Wed, 10 Aug 2022 18:57:32 GMT
pushly-sdk.min.js
cdn.p-n.io/ 		301 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a36748707c0b45b1235bba73dc3ae3704ae9df49e2ec20744303830b1232c7d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
last-modified
Mon, 18 Jul 2022 15:10:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"3719c549539b86d123ffb1220e16852e"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
cache-control
max-age=900
x-amz-cf-id
g7xpEthr7TMq8zUMWwUl2WGqGRcAsV6T5vBgdfqLF7E1v9Av1kt1kg==
js
www.googletagmanager.com/gtag/ 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-105305343-4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5245a60b30f299f5bc4e97c9651c2656182e7ed0557f9cbc98e8f6617713d101
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41920
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 18:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 Aug 2022 18:57:32 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ 		340 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7903576385bd1bfc61197245f1a37832b44b54dee0b383b043a09b44420622f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122756
x-xss-protection
0
server
cafe
etag
462543702596191497
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 18:57:32 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/ Frame DE53 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
46364
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 06:04:48 GMT
etag
8616628553774171045
expires
Wed, 24 Aug 2022 06:04:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.google-analytics.com/g/ 		0
336 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M28037773M&gtm=2oe880&_p=449650163&cid=227435030.1660157853&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660157852&sct=1&seg=0&dl=https%3A%2F%2Funtoldtea.com%2F&dt=Untoldtea&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M28037773M&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		217 B
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=untoldtea.com&callback=_gfp_s_&client=ca-pub-6830231157845370
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f2.1e100.net
Software
cafe /
Resource Hash
78ac130c63de5971ccd1c789fcc4cde8c56592d173fbd4ce18d54d4bedbb3441
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
203
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 18:57:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 15EF 		228 KB
61 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&adk=1812271804&adf=3025194257&lmt=1660157852&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Funtoldtea.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852552&bpp=6&bdt=936&idt=146&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8690092849266&frm=20&pv=2&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe189a28839242c0f4fcf2d4a77fb62b775fc9b2b09ed12f2e02e2799f931673
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
62105
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:33 GMT
expires
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4701 		72 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1702c1aa97261e68dc9eda17cb00589df76b9818b1e2c77c25a0676de45c6531
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
22546
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:33 GMT
expires
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
Adele_Live_2016_tour-1024x768.jpeg
untoldtea.com/wp-content/uploads/2022/01/ 		115 KB
116 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://untoldtea.com/wp-content/uploads/2022/01/Adele_Live_2016_tour-1024x768.jpeg
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b9392d4e02b4ad7004ce64bd640f411d9a2e5bfaf45139eed02ee5f4cd9d429
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
ki-cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,cec7a2c4b4e7c263f820b35f0a1779b07756e060dad3915a4799942dd15e5b9b
cf-cache-status
DYNAMIC
ki-edge
v=17.7
cache-tag
2a47d516-d30f-42f6-b2f9-df591a32d46d,cec7a2c4b4e7c263f820b35f0a1779b07756e060dad3915a4799942dd15e5b9b
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
117967
ki-cf-cache-status
SAVING
last-modified
Thu, 27 Jan 2022 00:04:21 GMT
server
cloudflare
etag
"61f1e185-1cccf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i9N9ysBI5HWcuPqKUmkdN5m4wPPkIaRfiUey7hVofNZypTL29XJdO3GmJO5o1osXmITTmtOzdwDL6kjDXGnW4ZJicw88%2FnB1U4zrnj8r%2FjbcxBVFXMEwv%2Fu85bGET2PhliF7Lz6yFjfjVj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
ki-cache-type
CDN
accept-ranges
bytes
cf-ray
738af5358dd2923e-FRA
x-content-type-options
nosniff
x-edge-location-klb
1
expires
Thu, 31 Dec 2037 23:55:55 GMT
video-loader.js
cdn.avantisvideo.com/avm/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTNHFLQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
o3_UP5DBpj34HIRp37PMEele1xlw3U13
content-encoding
gzip
last-modified
Sun, 29 May 2022 06:35:41 GMT
server
AmazonS3
age
50314
etag
W/"d29171b34ea93548beb17fd35f5b439b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
date
Wed, 10 Aug 2022 04:59:00 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
DX1VpXJ24t-4i6YLly03DEpPwJPeE9AEFI7w2d1sCxW1OhwqqER9kg==
home-load-more.php
untoldtea.com/wp-content/themes/astra-child/ 		6 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://untoldtea.com/wp-content/themes/astra-child/home-load-more.php?offset=0&limit=6
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:7::a29f:862a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51bc3ec40ff505092c6238dd0c859620b7f2bf1133480138de455706293d2d95
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://untoldtea.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
ki-edge
v=17.7
ki-cf-cache-status
BYPASS
x-kinsta-cache
BYPASS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bEg34HWpvBm1X32NNyjuaDBc2Xw55t2XTDMQMMQGKpMGRTCzu3JyFCeHqYnjON5cTZ7bbzaHb8G04c0hlKXWSETSK4yuH%2FIiI8aBzEmuRf3CFRbCUsFktAZc4LZB2nwnSPjHBCE1hLU75ts%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate
ki-cache-type
None
cf-ray
738af5359de2923e-FRA
x-edge-location-klb
1
expires
Thu, 19 Nov 1981 08:52:00 GMT
e9729a99e2ce9704c0788d1ab658d164.js
www.gstatic.com/mysidia/ Frame 4701 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e9729a99e2ce9704c0788d1ab658d164.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4942
x-xss-protection
0
last-modified
Wed, 03 Aug 2022 21:59:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
de03a69b80543f0fa8847e29147a30f0.js
www.gstatic.com/mysidia/ Frame 4701 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de03a69b80543f0fa8847e29147a30f0.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 20:45:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
511918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4857
x-xss-protection
0
last-modified
Mon, 01 Aug 2022 22:50:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 02 Nov 2022 20:45:35 GMT
css
fonts.googleapis.com/ Frame 4701 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 18:19:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 18:57:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 18:57:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 4701 		2 KB
983 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:50:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 4701 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:53:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:53:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 4701 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
125
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4701 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 18:57:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 4701 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:53:40 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 4701 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 23:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 06:58:12 GMT
abc.txt
static.avantisvideo.com/data/ 		11 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/abc.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8e00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b9a73858c84135c123879eaff2d94ca31f2a9397ac1408cccccd87350919aa8a

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 Aug 2022 13:08:15 GMT
content-encoding
gzip
last-modified
Wed, 10 Aug 2022 08:45:07 GMT
server
AmazonS3
age
20959
etag
W/"adeec079b9660850cec7d21b61dbb895"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
Ii-9h5KIAnSZ7mCtDl-5yXlX2oTO27_tqg8sekjElEQQiJqnfpnWgQ==
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
/
events1.avantisvideo.com/ 		0
35 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1983068243099909121/ Frame 4701 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1983068243099909121/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bff5aff5bcfabd29aca883b86ccb6482d93d194fb31316b7c2df410c328514b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 22:29:23 GMT
x-content-type-options
nosniff
age
246490
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1604
x-xss-protection
0
last-modified
Tue, 03 Dec 2019 14:26:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Aug 2023 22:29:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4701 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CeZlvnP_zYqaWL7XM1fAP766bqAa-sLnLZcm_wsiTDsmW6eP2IxABIMXPgAdglcKmgrAHoAHXssG4A8gBAakCsDgqTa9PsT6oAwGqBNcBT9Abc6Sme33v8gvSlmVBDr5OdF8GfVuqV7o5APiCGhvwqIXEzYNwm5EXo-FVICLF3_xbQavZURNb6hlPz_sLieA8vuA2LC6ZOgtLaqLIG-_8ehAC3dtIFbK6CV7XudeoZYVF4xKCIWVwEMSUSQL-gnBoFsNA8E7wbuM6fP5S5oK2PvTXwyP54-2lc_M0IL_H3sGtr4Bx-sdlz84nVRdQLGJtrQYQosmXzSfHFNTk6i7mRNIpbToJdr2XWZvzwZ5TEaarwwIVzWkxv7e8aHFS7ZlFMCfLjHLABLzupLnCApIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAeRzb5HqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQtMsS0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=UtVOma3_OqY&uach_m=[UACH]&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 10 Aug 2022 18:57:33 GMT
u_d.html
cdn1.avantisvideo.com/connect/ Frame EAC9 		46 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn1.avantisvideo.com/connect/u_d.html
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
35367
content-encoding
gzip
content-type
text/html
date
Wed, 10 Aug 2022 09:08:07 GMT
etag
W/"f9678e3c391d61d33ed4b6129f75c60e"
last-modified
Wed, 06 Apr 2022 12:25:53 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
x-amz-cf-id
F5o3_i4zuiE0V_TSIt6XKnSC5wiwU9gOEi0RCMcWFMt0IeVZmvoCNA==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
dem0VvOWe0jwgvR1YOcBwtPtUobNlIGA
x-cache
Hit from cloudfront
s
googleads.g.doubleclick.net/pagead/drt/ Frame 65EB 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/ 		150 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/reactive_library_fy2021.js?bust=31068863
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ca1b8a622a6bdc80364d3a3b765e640162d7f40bc82a9724705c710552f46e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54598
x-xss-protection
0
server
cafe
etag
4502341271048376843
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 10 Aug 2022 18:57:33 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 18:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=untoldtea.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 18:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4C0D 		74 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
32a1cde1991233c6fe4790f961de3c85f8db74b00a4600db6ba33501edb5b700
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
23205
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame DE4A 		72 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df2abe41f0b21176c18c31cd1fcbb7ba823bcfebb5ccba9c33b65f1d6b63a9b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
30711
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D912 		71 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c72c178e392f4cbecee8ef6cfe8857e6042ecaa2277eb6ccdcb7212755c69fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
30176
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4701 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3fdae2cfc9e0859de861378558eb0075c08fcf9b2511b6ba1475c02baa139bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4701 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 08:44:44 GMT
x-content-type-options
nosniff
age
36769
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 10 Aug 2023 08:44:44 GMT
geoip
avm.avantisvideo.com/api/v1/ Frame EAC9 		184 B
936 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Requested by
Host: cdn1.avantisvideo.com
URL: https://cdn1.avantisvideo.com/connect/u_d.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c600:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
88e739a5fa7619655939e64c553ca58df87302f8773512d5ee25ce4b4ebe246e
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://cdn1.avantisvideo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Origin
content-length
184
x-xss-protection
0
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
date
Wed, 10 Aug 2022 18:57:33 GMT
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
application/json; charset=utf-8
access-control-allow-origin
https://cdn1.avantisvideo.com
access-control-allow-credentials
true
x-amz-cf-id
N0ZtIg0AeDhdWzaVUDK2PhbcXOzK_j_54-l3c0qmGTW3R4orba8bpw==
geoip
avm.avantisvideo.com/api/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/geoip
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c600:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://cdn1.avantisvideo.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://cdn1.avantisvideo.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 10 Aug 2022 18:57:33 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-id
jaQZUHKeeRQ6cbsH8OmvC5oK8uSkagvmBusg7sw7lSNfFYWQHcHVDg==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 65EB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157852&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157852558&bpp=2&bdt=943&idt=158&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=58&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sut69QENUX&p=https%3A//untoldtea.com&dtd=161
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:57:33 GMT
expires
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:57:33 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/ Frame 32B7 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57008
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 03:07:25 GMT
etag
8616628553774171045
expires
Wed, 24 Aug 2022 03:07:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/ Frame 02B1 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
57008
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 03:07:25 GMT
etag
8616628553774171045
expires
Wed, 24 Aug 2022 03:07:25 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css2
fonts.googleapis.com/ Frame 32B7 		4 KB
636 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 18:25:13 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 18:57:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 18:57:33 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 32B7 		205 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:23:20 GMT
x-content-type-options
nosniff
age
2053
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
205
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 10 Aug 2023 18:23:20 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 32B7 		604 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:37:40 GMT
x-content-type-options
nosniff
age
1193
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
604
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 10 Aug 2023 18:37:40 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 32B7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:52:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
311
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8392
x-xss-protection
0
server
cafe
etag
14983445617412810031
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:52:22 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 02B1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTWspnP_zYs6YL6yT1fAPv-i-kAj-k5LEa7_L8t_-DwsQASDFz4AHYJXCpoKwB6ABmY7Z6gLIAQKoAwHIA8mEgAKqBMkBT9DCrH7IVZ0Taxy3K6TRXKfDum1Kjb1maDf7oPMDPc7JaWbBaitMUtjk51cZJBewtE_Lg2Qrj4MB5yS-C-dozXP7DbpbEpbPPzQxfVNvh-spmrdQH4RJLwQ_uvG2i0Jb4Gd1KDyi1rlau2yFok-6bY_uGBfodi7Sjfe8xZVR9UDCHp6v_Yl8snIvy-aulksNsezxl7Pw3gSx-wdUaPljo6tSausXjT0dEyhOMBO81oXGETyj3_5GzrP36Bk0mvLD-Aov_G7axIiZwASUoLX1-QOSBQQIBBgBkgUECAUYBKAGAoAH7NT26QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBRCl6J0B0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=ECZz50EI4NE&uach_m=[UACH]
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 02B1 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:53 GMT
9518514844926326451
tpc.googlesyndication.com/simgad/ Frame 02B1 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9518514844926326451?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qlgvnCCGttXothj2rFvt125goPxRg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7f8f4a16467c23ae2fd8e0b94ffac451bd278f91551632c63a6a309f36af4b0b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 03 Aug 2022 22:55:07 GMT
x-content-type-options
nosniff
age
590546
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9113
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 18:36:37 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 03 Aug 2023 22:55:07 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 02B1 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 02B1 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 18:57:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 02B1 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:53:40 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 02B1 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
server
cafe
etag
4827693875121430507
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 09:09:35 GMT
css
fonts.googleapis.com/ Frame 3DC5 		8 KB
893 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 18:19:38 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 18:57:33 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 18:57:33 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 3DC5 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:50:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 3DC5 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 3DC5 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3DC5 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 18:57:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 3DC5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:53:40 GMT
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 3DC5 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 23:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 06:58:12 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0901 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0901
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:57:33 GMT
expires
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:33 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 02B1 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f80227b4af6c3daaddcd249fa6b44c7d56600fe6c84b537da001df6aae2b8647

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 4E5C 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 17:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
3546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 17:58:27 GMT
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame FC01 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 17:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
3546
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 17:58:27 GMT
video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		107 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/avm/js/video-loader.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
Usl28QWcpcQuVgqctq_iPLAQIzTzuE9F
content-encoding
gzip
last-modified
Sun, 31 Jul 2022 08:12:47 GMT
server
AmazonS3
age
53397
etag
W/"7b1a9ceb08392f5edf168e210f7c817e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
date
Wed, 10 Aug 2022 04:07:37 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
vkVvynr2akubbGiXNxACxi5e6aNB-2EbEyQWcyFKqvYa8d51kJGOAw==
3154726961668511652
tpc.googlesyndication.com/simgad/ Frame D912 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3154726961668511652?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmdYTT9lAFmtrun-zYTQAGUNSjZNg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7576df0ee834d1e20a0f4abd956836662aecff4a4d380893e564299d3615d30c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Thu, 04 Aug 2022 05:08:06 GMT
x-content-type-options
nosniff
age
568167
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11742
x-xss-protection
0
last-modified
Fri, 13 Nov 2020 14:15:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 04 Aug 2023 05:08:06 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame D912 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame D912 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D912 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 18:57:33 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame D912 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:53:40 GMT
l
www.google.com/ads/measurement/ Frame D912 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTCwX2_wF2l2Ek0nBDVN_ZtHUfoo6jmjinj1n3GAhFVn9WoQMbzI7woIWigwkvIJpJcT1xDhzrWQjwtfMGtJQaru8brOA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame D912 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35278
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
server
cafe
etag
4827693875121430507
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 09:09:35 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D912 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-CXFnf_zYpClG4-XvPIP5b2v2AXAyYzda6nSo7q1DKyTxti0CRABIMXPgAdglcKmgrAHoAG14-u6AsgBAqkCvDLvLlxhsT6oAwHIA8kEqgTHAU_QKawNDH1hhvkd-R0xveqtV-5lc4XryaveTIDxGHgUfHtMQN_eEOa5Jsh_nuOw0igjdPAnVv7X2skNTA72pho0VB87XMNDJrqURjT3gLcNAXxA5pHBGs6R3kEe4zpPL9ux-CAE3oFi5WdWaNxgdzK_FUa0E_Zqpwq7M8YBMMYW4YLFHbqIp_F-sJG7DBPLbQ_PoROVHdVJc194e_sxt3ZrGlCCWrhHGibvx5000mzoqDF5JaBWjvvOkRl2tuz9hm2-cQT4c5DABO7hpdj2ApIFBAgEGAGSBQQIBRgEoAYCgAeznJTFAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJbOHNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY4MzAyMzExNTc4NDUzNzAYAA&sigh=7_7meBBgBME&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
t
avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Funtoldtea.com%2F&eu=true&country=DE&hour=18&amp=false
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c600:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
7a0f1c6b1e996a2b0f7d70cfe22c8607569acc3ca480af1f703ec61ef7e1fd43
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
x-amz-cf-pop
FRA60-P4
x-dns-prefetch-control
off
x-cache
Miss from cloudfront
vary
Accept-Encoding, Origin
x-xss-protection
0
access-control-allow-origin
https://untoldtea.com
referrer-policy
no-referrer
x-frame-options
SAMEORIGIN
expect-ct
max-age=0
strict-transport-security
max-age=15552000; includeSubDomains
x-download-options
noopen
content-type
text/plain; charset=utf-8
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
access-control-allow-credentials
true
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id
gGz0qHNacTJGdpDFB01ERa_uCXkJRae2cGyQOAd387QbTJtvAkaw8A==
t
avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://avm.avantisvideo.com/api/v1/tag/77c45572-d9fc-4c55-98b1-a182a93ad2ab/1/desktop/generate/t?subId=&browser=chrome&utm=&os=windows&url=https%3A%2F%2Funtoldtea.com%2F&eu=true&country=DE&hour=18&amp=false
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:c600:3:748e:7940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,POST,DELETE,PATCH
access-control-allow-origin
https://untoldtea.com
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
date
Wed, 10 Aug 2022 18:57:33 GMT
expect-ct
max-age=0
referrer-policy
no-referrer
strict-transport-security
max-age=15552000; includeSubDomains
vary
Origin
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
x-amz-cf-id
X2Y0SLRxOVU10V1JyeuZt2nBHqXhZx3GJuxBmqVxxc1GrjFkuYQX1g==
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-frame-options
SAMEORIGIN
x-permitted-cross-domain-policies
none
x-xss-protection
0
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6541 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1101
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FB21 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17801
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 14:00:52 GMT
etag
48472445140208031
expires
Thu, 11 Aug 2022 14:00:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6541
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:57:33 GMT
expires
Wed, 10 Aug 2022 18:57:33 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:57:33 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
dpixel
cms.quantserve.com/ Frame FB21 		35 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJWbeD56tXWi2SjnzfOakWE&google_cver=1&google_push=AehlK4D7X0FIzUPhlAxMiccIOLC-T693eThLLj7v1T3miFbGXNHNR8upRAjRMiLg8hlQRMElXCjOoKGlvJ4IQT3HVp7xfLNfqg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:33 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FB21
Redirect Chain
  • https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAehlK4A_G_TsCktNnRO0m3Ot5SMnn5n3Bb6o47N44ul...
  • https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZQLW5nQUFCRUpkbW1kdQ&google_push=AehlK4A_G_TsCktNnRO0m3Ot5SMnn5n3Bb6o47N44ulo1fZEqxPBantBlgUJgmn2NsUwyXHYxCDGPnCkFHXMLf3ZeGisxYTn-iY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZQLW5nQUFCRUpkbW1kdQ&google_push=AehlK4A_G_TsCktNnRO0m3Ot5SMnn5n3Bb6o47N44ulo1fZEqxPBantBlgUJgmn2NsUwyXHYxCDGPnCkFHXMLf3ZeGisxYTn-iY
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WXZQLW5nQUFCRUpkbW1kdQ&google_push=AehlK4A_G_TsCktNnRO0m3Ot5SMnn5n3Bb6o47N44ulo1fZEqxPBantBlgUJgmn2NsUwyXHYxCDGPnCkFHXMLf3ZeGisxYTn-iY
Date
Wed, 10 Aug 2022 18:57:34 GMT
Server
Apache
Connection
keep-alive
Content-Length
390
Content-Type
text/html; charset=iso-8859-1
pixel
cm.g.doubleclick.net/ Frame FB21
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEAtF_hi2kgSP0QO2DXeXqfk&google_cver=1&google_push=AehlK4BqF3-AT8V7UACmCw9PPksmC3dwoXvz1hgZuQst0k4FkLhMSEfW7u99h4WZvKmnJA6TCDp9e_zRBP4x06Jt5RNoi9qMwIM
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BqF3-AT8V7UACmCw9PPksmC3dwoXvz1hgZuQst0k4FkLhMSEfW7u99h4WZvKmnJA6TCDp9e_zRBP4x06Jt5RNoi9qMwIM&google_hm=Q0FFU0VBdEZfaGkya2dTUD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BqF3-AT8V7UACmCw9PPksmC3dwoXvz1hgZuQst0k4FkLhMSEfW7u99h4WZvKmnJA6TCDp9e_zRBP4x06Jt5RNoi9qMwIM&google_hm=Q0FFU0VBdEZfaGkya2dTUDBRTzJEWGVYcWZr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 10 Aug 2022 18:57:33 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BqF3-AT8V7UACmCw9PPksmC3dwoXvz1hgZuQst0k4FkLhMSEfW7u99h4WZvKmnJA6TCDp9e_zRBP4x06Jt5RNoi9qMwIM&google_hm=Q0FFU0VBdEZfaGkya2dTUDBRTzJEWGVYcWZr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FB21
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BwovlD...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAehlK4BwovlD...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxODU3MzQwMDA4NTM4ODc3MTAzOA%3D%3D&google_push=AehlK4BwovlD3hyj-phYMZC2gtJgJ65UkKVWUgtuaV1fYoVN1tO6TTiEweXvoFl-qpagXZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxODU3MzQwMDA4NTM4ODc3MTAzOA%3D%3D&google_push=AehlK4BwovlD3hyj-phYMZC2gtJgJ65UkKVWUgtuaV1fYoVN1tO6TTiEweXvoFl-qpagXZusyaLC4t-SHeFgbda5nOM2U-Ca-sE
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA4MTAxODU3MzQwMDA4NTM4ODc3MTAzOA%3D%3D&google_push=AehlK4BwovlD3hyj-phYMZC2gtJgJ65UkKVWUgtuaV1fYoVN1tO6TTiEweXvoFl-qpagXZusyaLC4t-SHeFgbda5nOM2U-Ca-sE
pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Wed, 10 Aug 2022 18:57:34 GMT
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame FB21 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGz5ZRYgPSrwkBhw6oIw6uo&google_cver=1&google_push=AehlK4C9n0QBvjZGofeMUQWyiBLVdXcSQh8DYxSJeUPPHf9R6iVUXemZfuRnVilEeOGKdvFxYDu3kXb-895_hsJCdPNHSp3az7Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:32 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame FB21
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOS8XS0FPr43XEE4QjPdWyc&google_cver=1&google_push=AehlK4A7i9x5Odvb2IJSyRgYtk88CqF3IIpC-cZLB15uJS4gJFZN75Nl9U8GsGYs3Syt1C8FOT-...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFRlEtVC01UUlV&google_push=AehlK4A7i9x5Odvb2IJSyRgYtk88CqF3IIpC-cZLB15uJS4gJFZN75Nl9U8GsGYs3Syt1C8FOT-nVWzXFPTbWXMPRZYvlLzv40c
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFRlEtVC01UUlV&google_push=AehlK4A7i9x5Odvb2IJSyRgYtk88CqF3IIpC-cZLB15uJS4gJFZN75Nl9U8GsGYs3Syt1C8FOT-nVWzXFPTbWXMPRZYvlLzv40c
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFRlEtVC01UUlV&google_push=AehlK4A7i9x5Odvb2IJSyRgYtk88CqF3IIpC-cZLB15uJS4gJFZN75Nl9U8GsGYs3Syt1C8FOT-nVWzXFPTbWXMPRZYvlLzv40c
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame FB21
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_push=Ae...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4AWVM2yFZ1bEbNWCDx4smpqEGWoe6cXH...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4AWVM2yFZ1bEbNWCDx4smpqEGWoe6cXHmq13G0hHq2_XBW9XI3XxWRrP5URcKw3e89dYwyEEOTS421FMCwbA3NWTLkuN-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sNkZ1xZnwT0T%2BoYL%2FKEsaMgYG2LvMKwjeJscO6sjF8eiJhmjzA3MRi7HlPdjqL1YKcIZ9vP4mqPcpIJmfbODnds9RBVUqkZwGZQzkIBEOOYhMJKPzItFCsu7OntF0fEJpIHYVuOWiNaRJA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4AWVM2yFZ1bEbNWCDx4smpqEGWoe6cXHmq13G0hHq2_XBW9XI3XxWRrP5URcKw3e89dYwyEEOTS421FMCwbA3NWTLkuN-g
cache-control
no-cache
cf-ray
738af53b5faa9049-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
attr
cm.g.doubleclick.net/pixel/ Frame FB21 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KaOVjWXHAZfej_O2au129RCgJFXJmX7LgbtuJZO4xYDWR2yTuDgi_25C13imjdrdQxQNPe
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame D912 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
87c3d31ca6ed4abd12c49ff55d9f8cd7423e94e6ae4e18af2cc5d20971856d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame 4C0D 		3 KB
601 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 10 Aug 2022 18:21:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 10 Aug 2022 18:57:34 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 Aug 2022 18:57:34 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 4C0D 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:50:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
429
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:50:24 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 4C0D 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
100
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 4C0D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C0D 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 18:57:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 4C0D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:53:40 GMT
l
www.google.com/ads/measurement/ Frame 4C0D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ6KVS3Fy0o9i7Oni4xFq6NYM2m9apJ1uOFqY4ahVEGvvMmtlL6VWC7Lt2qYhdzF2NMu8rWPntqae8vLXANGsekvD5oOQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
8b4497fa63e027c9bb788e6248932fc0.js
www.gstatic.com/mysidia/ Frame 4C0D 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:58:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43162
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13370
x-xss-protection
0
last-modified
Mon, 08 Aug 2022 23:02:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Tue, 08 Nov 2022 06:58:12 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4C0D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cucibnf_zYsusF6DI1fAP_NekGP7wnMprpau12ewM8cGbo_kaEAEgxc-AB2CVwqaCsAegAf7WxdYDyAEGqQK8Mu8uXGGxPqgDAcgDAqoExwFP0BiRO8x_-5dmIF8vOpMOJ_yxuKqTgrKlaCaTNBi6Vq0HaW-7hgD7kGkurE6UTVrDGA_odzBz_twwL-8V7DJ8o1eevwT_9ykP4uCCeonLI_s0EkQBj4pzLB2-iWJsw-ZfteY0Sh3RCP9FDXA9blL7H4h41KSoctmg8u0FbLSQbIUsy11QEvfbtxz_quBLJJUtYfNAmnStM8uWE0ufXqzJcN2x2TEEGD6Mt89Jw88XGXNY706zsVkdBX8hWk1FOiegyUws49JzwATFieW0rgOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHydPWHagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBCdjQPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAtAVAYAXAbIXHAoaCAASFHB1Yi02ODMwMjMxMTU3ODQ1MzcwGAA&sigh=9JZOJIJaMFc&uach_m=[UACH]&template_id=493
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 18:57:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
7479028689592139735
tpc.googlesyndication.com/gpa_images/simgad/ Frame 4C0D 		484 KB
484 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/gpa_images/simgad/7479028689592139735
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1c0f750162beb4e743a4863dd1303c8e6bc266b98c7ffaf09ac2bdb2211b0a65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 06:18:20 GMT
x-content-type-options
nosniff
age
45554
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
495818
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 04:09:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 06:18:20 GMT
8341226500854338885
tpc.googlesyndication.com/simgad/ Frame 4C0D
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDPv9L5EBDLAhjLAjIIO3y6dLyECcw
  • https://tpc.googlesyndication.com/simgad/8341226500854338885
14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8341226500854338885
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8920176024bcd1125f115e463b13d79862d26782882e858546330ce51627e3b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Sun, 07 Aug 2022 02:15:53 GMT
x-content-type-options
nosniff
age
319301
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14221
x-xss-protection
0
last-modified
Mon, 28 Dec 2020 14:18:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 07 Aug 2023 02:15:53 GMT

Redirect headers

date
Wed, 10 Aug 2022 01:33:15 GMT
x-content-type-options
nosniff
server
cafe
age
62659
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://tpc.googlesyndication.com/simgad/8341226500854338885
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 09 Sep 2022 01:33:15 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-105305343-4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6934
date
Wed, 10 Aug 2022 17:02:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 10 Aug 2022 19:02:00 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9864 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 14:00:52 GMT
etag
48472445140208031
expires
Thu, 11 Aug 2022 14:00:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 9C40 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=60&adk=2210436029&adf=1375555925&pi=t.aa~a.2174452598~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x60&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=0&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280%2C1200x90&nras=5&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2224&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=ks7lNhbVMk&p=https%3A//untoldtea.com&dtd=26
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 17:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
3547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 17:58:27 GMT
7775097633712655680
tpc.googlesyndication.com/simgad/ Frame DE4A 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7775097633712655680?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qmzeEErC41Bu4oOP2Esw969rLgZ_w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
480bdda1ce1c9c467a21cd8446497704899187d792fb0c9cd26e1b7f925a101a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:16:25 GMT
x-content-type-options
nosniff
age
2469
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14596
x-xss-protection
0
last-modified
Wed, 09 Mar 2022 06:00:13 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 10 Aug 2023 18:16:25 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame DE4A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
101
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9660
x-xss-protection
0
server
cafe
etag
13823643058518418725
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:53 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame DE4A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:55:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
102
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:55:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame DE4A 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44011
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1659958456967243"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 18:57:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame DE4A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
234
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7596
x-xss-protection
0
server
cafe
etag
12715132177492665634
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 18:53:40 GMT
l
www.google.com/ads/measurement/ Frame DE4A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQIsuHxAp_PTWVKuBYRFpK0wzxvMhpxiSj-yDYft3FTiaCr5H2dyxNcH5pchpnpIYoOhfEn7cbd9wFvASACQbQHP4QTXA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame DE4A 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 09:09:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
35279
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13514
x-xss-protection
0
server
cafe
etag
4827693875121430507
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 Aug 2022 09:09:35 GMT
truncated
/ Frame 4C0D 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc7b416d08b0b6df07d09871e6cfbf0d6b9185b156c5b147b1e84d9b68f28adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4C0D 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:13:40 GMT
x-content-type-options
nosniff
age
74634
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 22:13:40 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 4C0D 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Tue, 09 Aug 2022 22:44:27 GMT
x-content-type-options
nosniff
age
72787
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 09 Aug 2023 22:44:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame DE4A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CJI-Qnf_zYvKbG-jnxtYPn425uA3rlpjUa8_zy8G-EJj3q_7tMBABIMXPgAdglcKmgrAHoAGSmav8AsgBAqgDAcgDyQSqBMcBT9Agl7ExbNPC6hJvju4N7liWRwzryzWFrBEa23TVzoev3X7tMREtzEfy2I4M5zpMvzKZSVDxOPFJ-5tLRpDC4ANhGy3QRiy8skXHF17fHib8yHEd2eF_BsrPcpBMb7Nkh9upe8hlSRMmz7QjHL5VKqcVZD8Gpb7uN_rArFBRwKcYG4d2cC6vzu0izq8-xU_KlYVMo6X52pV0DKY_r-cjkPMiLrYo7ENdXgTefJdu8i6T83xWevQaki_WXsdjqTtdYIcYX9G4zMAEkKSL7KEEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB9bm1IMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQrtUw0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjgzMDIzMTE1Nzg0NTM3MBgA&sigh=y0hJKyLs9jY&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 10 Aug 2022 18:57:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pushly-sdk.min.css
cdn.p-n.io/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.p-n.io/pushly-sdk.min.css?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-48.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 04:52:33 GMT
content-encoding
gzip
last-modified
Tue, 28 Jun 2022 18:34:08 GMT
server
AmazonS3
age
50702
etag
W/"f3cd76bbdf477b890d940ce319bd1d16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
cache-control
max-age=86400
x-amz-cf-pop
FRA56-P5
x-amz-cf-id
brAWURBaBBlOVfsF97L-jUaA-Cdt_BzUZxg4eJnRKr31aJIHvjrZqQ==
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=449650163&t=pageview&_s=1&dl=https%3A%2F%2Funtoldtea.com%2F&ul=en-us&de=UTF-8&dt=Untoldtea&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1716783624&gjid=602110713&cid=227435030.1660157853&tid=UA-105305343-4&_gid=992690200.1660157854&_r=1&gtm=2ou880&z=1050945561
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9864
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJWbeD56tXWi2SjnzfOakWE&google_cver=1&google_push=AehlK4CDCMIeGQGj0HXzRHxjRMQD5GgtfELMm6Hb4lj4NTuyPQzcZaF5By...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4CDCMIeGQGj0HXzRHxjRMQD5GgtfELMm6Hb4lj4NTuyPQzcZaF5ByTtEPVtSqfC5h2nHPRmkAGWNpL4luh1XuM-3P0XJxA&google_hm=fuji1-a9HOvD6...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4CDCMIeGQGj0HXzRHxjRMQD5GgtfELMm6Hb4lj4NTuyPQzcZaF5ByTtEPVtSqfC5h2nHPRmkAGWNpL4luh1XuM-3P0XJxA&google_hm=fuji1-a9HOvD6ZG7g_PbPQ
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4CDCMIeGQGj0HXzRHxjRMQD5GgtfELMm6Hb4lj4NTuyPQzcZaF5ByTtEPVtSqfC5h2nHPRmkAGWNpL4luh1XuM-3P0XJxA&google_hm=fuji1-a9HOvD6ZG7g_PbPQ
pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 9864 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4DZI4vuyCcIO0D6-_ssZ7Dh5mEQ6HYOFziwwdMod6NksIukwZo_oQufYofT9U1cmrRkDbcS18CXotemDj87KaQ8TDqG6g&google_gid=CAESEKwXOfc8sjTznuqqh2vkBrs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 9864 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEBUZ12KE9PgVHy97jqrbmgQ&google_cver=1&google_push=AehlK4AsV0aFevecd8b8cbG2_jtLrHoctSSYrbVRxF1-BlejvPFWx0A_9V_GN3xagTuleIccNwn6Ys66Xjv6dTx4BFCVjUSPeps
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
hor14cli16ug4apdvego8nb5nt38lavp
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 9864 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGz5ZRYgPSrwkBhw6oIw6uo&google_cver=1&google_push=AehlK4BuRuNhNL0M6OHM4eR89aHdaQRpMJqdO2h6Y0l1AaaeiK_FM98ZFtcfd_r-m_QFShzClKTtW9MywRLjdAz_B8HfAzKKXFo
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 9864
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOS8XS0FPr43XEE4QjPdWyc&google_cver=1&google_push=AehlK4AITUocKHbbqhYAQrLSqVhvBHjPSchM8f2kJjs8FAfMBKiz2qFUumh7WRJ5e76tyI6dC4t...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFTEotMTUtMlA3Ng==&google_push=AehlK4AITUocKHbbqhYAQrLSqVhvBHjPSchM8f2kJjs8FAfMBKiz2qFUumh7WRJ5e76tyI6dC4tJxH2naJnd1QFEuGF-zPxN-i4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFTEotMTUtMlA3Ng==&google_push=AehlK4AITUocKHbbqhYAQrLSqVhvBHjPSchM8f2kJjs8FAfMBKiz2qFUumh7WRJ5e76tyI6dC4tJxH2naJnd1QFEuGF-zPxN-i4
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFTEotMTUtMlA3Ng==&google_push=AehlK4AITUocKHbbqhYAQrLSqVhvBHjPSchM8f2kJjs8FAfMBKiz2qFUumh7WRJ5e76tyI6dC4tJxH2naJnd1QFEuGF-zPxN-i4
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 9864
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4D9hRMHUfKzi8E1wPvz6Sc2MuqtH5erB...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4D9hRMHUfKzi8E1wPvz6Sc2MuqtH5erBUq0JfUTMOLQw_0VAZksOiglqJIkr4aYVQMFW9Iv7hhDY5oIQxuxVHS9mFFqN4o
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfWtRFNgI%2BHyPo%2FBl7jKG1ZTYrnyFAYOziAvv17Xzf99Kok7N%2Far3vQ7R1fB%2BOSQmfg9bbkceKsGFMCUr5Xfw8mKEEMT4Ojsi%2FwcRiQHg8lQqkGMpWe8bclZNrmbkVBeV7x5Sex72fS4%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4D9hRMHUfKzi8E1wPvz6Sc2MuqtH5erBUq0JfUTMOLQw_0VAZksOiglqJIkr4aYVQMFW9Iv7hhDY5oIQxuxVHS9mFFqN4o
cache-control
no-cache
cf-ray
738af53ca9679049-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 9864 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEH4zZSweH2nLsWKhs8EvD5I&google_cver=1&google_push=AehlK4BXrKr-ijWQJFqudYzDruRrKnXKQoHlYPeb29AFyByl6kr8q5Z3Xp8NL5s6O9lFpPXOjmnDyx2vmmMyy-PUcNP_K2OyiQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 9864 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IsursNNIq7M65jh4QCX6sA7wbrZzdbwOdRA25ZbqyVf4TBmopjRSHQKjgu8pD1vFZIQCjF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=280&adk=459621284&adf=2398994585&pi=t.aa~a.4086580417~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x280&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1722&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280&nras=3&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1425&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=pVsAQRl4u7&p=https%3A//untoldtea.com&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0C04 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1102
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:39:12 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
redir.html
p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 21AA 		247 B
962 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
642097d98bd337a2a69e71e33446f47caa2090f83e34ac744d808950bcd194b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
204
content-security-policy-report-only
script-src 'nonce-0xGRKOa1Z3wk4edSFn2Mig' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 29D5 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
17802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 14:00:52 GMT
etag
48472445140208031
expires
Thu, 11 Aug 2022 14:00:52 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2.0ea6592415db7f630eab-video-loader2.1-cr.js
cdn.avantisvideo.com/js/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/2.0ea6592415db7f630eab-video-loader2.1-cr.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1f1fc7cfed804a07a47bb11a080c3251688c4df62455d5b296eed2ff806b08ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
X0x1ohgLuQwdcmcojJpKQepQjoSaetGr
content-encoding
gzip
last-modified
Sun, 31 Jul 2022 08:12:46 GMT
server
AmazonS3
age
17206
etag
W/"877651bae5882b405ee2d6c7879cc089"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
date
Wed, 10 Aug 2022 14:10:49 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
IKQ7Pv8lKk1SVpyebgOQTlQ9iOuiRRXrspBlQhlW5Fw5KzLqbDkemg==
collect
stats.g.doubleclick.net/j/ 		1 B
437 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-105305343-4&cid=227435030.1660157853&jid=1716783624&gjid=602110713&_gid=992690200.1660157854&_u=YADAAUAAAAAAAC~&z=215090067
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 10 Aug 2022 18:57:34 GMT
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame DE4A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ee8bca9706805a98eb1ff3c431c9e6d08f0fde99ba728f6d3377c9fa7ac542a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/png
adb.js
play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/ 		2 B
765 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.aniview.com/59918a0e073ef4782e4e347f/5ebd46100b22d93ee56a465f/adb.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/2.0ea6592415db7f630eab-video-loader2.1-cr.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:58c::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Unused62
8096267
Date
Wed, 10 Aug 2022 18:57:34 GMT
X-GUploader-UploadID
ABg5-UyceNYD8FEdWQb3EsKqZxhyLaQsoF5fAeemPciJDGSGGF4ULfrcEwEz_akWP2UPcpXtifCcA1iL2DSxDFRze85Z1ot-ZA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
2
Last-Modified
Thu, 14 May 2020 13:22:36 GMT
Server
UploadServer
ETag
"56f785241d0ed9fe51a8170b9dd50272"
x-goog-hash
crc32c=cz4mSA==
x-goog-generation
1589462556858294
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Content-Type
Cache-Control
public, max-age=1800
x-goog-stored-content-length
2
Accept-Ranges
bytes
Content-Type
text/javascript
Expires
Wed, 10 Aug 2022 19:27:34 GMT
pixel
cm.g.doubleclick.net/ Frame 29D5
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJWbeD56tXWi2SjnzfOakWE&google_cver=1&google_push=AehlK4AJ6PGvbIPVnygmyznPCY0iO1O5wn1vM0XWzYw1kbeescYGZ2GjBq...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4AJ6PGvbIPVnygmyznPCY0iO1O5wn1vM0XWzYw1kbeescYGZ2GjBqgenr6Mj20N49zZ1hsUBTPlN8uxTaf9BDYGvQ8SPmE0DACJyTBjOIsUQcU7cORKUpJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4AJ6PGvbIPVnygmyznPCY0iO1O5wn1vM0XWzYw1kbeescYGZ2GjBqgenr6Mj20N49zZ1hsUBTPlN8uxTaf9BDYGvQ8SPmE0DACJyTBjOIsUQcU7cORKUpJB_WfEwcbHH8i3EVnE55oeoi3A2SCrcg&google_hm=fuji1-a9HOvD6ZG7g_PbPQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AehlK4AJ6PGvbIPVnygmyznPCY0iO1O5wn1vM0XWzYw1kbeescYGZ2GjBqgenr6Mj20N49zZ1hsUBTPlN8uxTaf9BDYGvQ8SPmE0DACJyTBjOIsUQcU7cORKUpJB_WfEwcbHH8i3EVnE55oeoi3A2SCrcg&google_hm=fuji1-a9HOvD6ZG7g_PbPQ
pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
466606.gif
id.rlcdn.com/ Frame 29D5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BWo8Tqla3fMdaTTwcieS3mTg0PefbxOWhheK8ctTE0G0qg6xtiQGNJidFrgpL4LmFIb8v8CPoaW0BvYmZWvlVKfNexxj-3xxZawDc8FLQ1gfDLus3AWV7pNz2PKwYGcfqUrLyxqaFqRqkRWcqrPxo&google_gid=CAESEKwXOfc8sjTznuqqh2vkBrs&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 29D5 		0
41 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGz5ZRYgPSrwkBhw6oIw6uo&google_cver=1&google_push=AehlK4C776pXnOolngXN7kK6rBgAHwusspZwrfFX-73e-X0o3Q-RvB8W7PY6co-K4-3f__kiyB6tSKPeaw7TDjx66YJ9BhaFFKHxpmYPmHeM86QlhV1JcHVqjXOzLmhX1iKCK7uWtemH8jqWbPaL3QkBOjE
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 29D5
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOS8XS0FPr43XEE4QjPdWyc&google_cver=1&google_push=AehlK4AMfSMRam0ot6Zlyo1qQRLRIrQPl8NCSRj2dd65PzU73kSXGN6UpJrS_lHEyFQpzj9k3_4...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFTkstMjgtQVRZSg==&google_push=AehlK4AMfSMRam0ot6Zlyo1qQRLRIrQPl8NCSRj2dd65PzU73kSXGN6UpJrS_lHEyFQpzj9k3_4jqju4JoIzE1Y9Q0lVAc5Orj0Gg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFTkstMjgtQVRZSg==&google_push=AehlK4AMfSMRam0ot6Zlyo1qQRLRIrQPl8NCSRj2dd65PzU73kSXGN6UpJrS_lHEyFQpzj9k3_4jqju4JoIzE1Y9Q0lVAc5Orj0GgP_oNWrAU0tTUfICewaeiRkrCJDqGYVVDt_sJYNkSC9zh2Wi7s1a8Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDZOWjRFTkstMjgtQVRZSg==&google_push=AehlK4AMfSMRam0ot6Zlyo1qQRLRIrQPl8NCSRj2dd65PzU73kSXGN6UpJrS_lHEyFQpzj9k3_4jqju4JoIzE1Y9Q0lVAc5Orj0GgP_oNWrAU0tTUfICewaeiRkrCJDqGYVVDt_sJYNkSC9zh2Wi7s1a8Q
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
Expires
0
pixel
cm.g.doubleclick.net/ Frame 29D5
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4B5_zHOoy4Q04URdt4teJuJQahqdsEf_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4B5_zHOoy4Q04URdt4teJuJQahqdsEf_KoNIAG4t39nywWO9EiDyW_rJa4IfFjvBTtunGUDlwmSgyOtoCqju0TO_q4F4ywF7rwoqsuJz277C3pwVDJnoftLaajU7A9Wu60gyR156I4xDbfqxw3QFk8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ivi01KB5br4rcgZ4mUmMC4NDYYLUYrFQY%2B5PMpX7WDpG5%2FWZh0PvbJOWGG%2Be0nmqYhooXbiwdufgfv4NzR3%2FQmz2PKma9ebL32p6%2FqEFXnBF2TLK5JFJHwL4sA%2FGz3%2F64wq7x7zQSv9dQA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEJpsMIL3AS5agMOADbGIBlI&google_hm=YvP_nf_dH8s9GbSqNllueAAABMEAAAAB&google_nid=index&google_push=AehlK4B5_zHOoy4Q04URdt4teJuJQahqdsEf_KoNIAG4t39nywWO9EiDyW_rJa4IfFjvBTtunGUDlwmSgyOtoCqju0TO_q4F4ywF7rwoqsuJz277C3pwVDJnoftLaajU7A9Wu60gyR156I4xDbfqxw3QFk8
cache-control
no-cache
cf-ray
738af53d1a049049-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
trk
ag.innovid.com/ Frame 29D5 		43 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEH4zZSweH2nLsWKhs8EvD5I&google_cver=1&google_push=AehlK4CpDdaXIoqyedyCQ-yKXFYmMBQfdhddmylRci49Q_dRStAx7IdCt1USKJWB0Hn3GEtV99vmfpP0o7SW0DJkSRuT8H4bS7ziADT4G9t6-h0Ym1KwqeI9asQ4YAFBtHcEsO4bK3wN9ByfpOt9IyVUFw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
0
expires
-1
googleredir
googlecm.hit.gemius.pl/ Frame 29D5 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 29D5 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J2Mg-jlCmmrTyd1fx5SekqWgGzN5v6e_rtRF-jTpNXuLSjFrQ2h3g_gLB3GHBFezspY-BSYA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0C04
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:57:34 GMT
expires
Wed, 10 Aug 2022 18:57:34 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 10 Aug 2022 18:57:34 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
event-stream
k.p-n.io/ 		0
125 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.183.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-183-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 10 Aug 2022 18:57:34 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
event-stream
k.p-n.io/ 		0
126 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://k.p-n.io/event-stream
Requested by
Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=EWPPT5P8HLx9YUoMOpJww8f9XYhDgpN3PwTE
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.66.183.129 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-66-183-129.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
*
date
Wed, 10 Aug 2022 18:57:34 GMT
access-control-allow-headers
*
access-control-max-age
600
access-control-allow-methods
*
iframe.html
p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 21AA 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
sffe /
Resource Hash
751852d9557e61a5f68042db999aebb1f5b51901209cfa11dc16e1afaa037141
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
gzip
content-length
1861
content-security-policy-report-only
script-src 'nonce-LMgZ1zJCJO9fuMTIdxen_Q' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
pragma
no-cache
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
avcplayer_2_89.js
cdn.avantisvideo.com/js/ 		279 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b400:1c:38a0:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5c412419bd084f758e76a6dde939c0f2d5a92a4b46f5cb3662c223dc1321dc8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id
WJ3jJPCCM3aAkcwTY.vegsvtShd_34Wm
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 11:56:10 GMT
server
AmazonS3
age
78382
etag
W/"c6be89ee3bd8da9b1dbb4115606e1bbd"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
date
Wed, 10 Aug 2022 05:45:56 GMT
x-amz-cf-pop
FRA56-P6
x-amz-cf-id
UEC6xtmiY2bMJ0QLb5TPCr5K_rQPoqBNVjjittq9ZyYCGgH5eUAadQ==
ins.txt
static.avantisvideo.com/data/ 		28 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.avantisvideo.com/data/ins.txt
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/video-loader2.1-cr.js?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tagId=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:8e00:8:9ed9:9c40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da45ba0d70deb9fb60469491a48b8d3c35de86919a7a3a50a63f439e622321e4

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 09 Aug 2022 20:28:22 GMT
content-encoding
gzip
last-modified
Wed, 30 Mar 2022 08:05:53 GMT
server
AmazonS3
age
80953
etag
W/"15dd250762ab54d6ff995255934ac6fe"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA60-P2
x-amz-cf-id
OT7AhPC5GZnJCaFJtu6V_QrElYGAyrYCp_A4IKnXfjytvKZ2ABUCuA==
via
1.1 90bb130ecccb71953b38a1c0e3b5721a.cloudfront.net (CloudFront)
hls.min.js
player.avplayer.com/script/2/2.55/libs/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:c::5c7b:6822 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdstGGWlRWBPv-OjQ_DsB2viQXPeOr9Add0S6VJCJzI7h5mXi-i4HrWI9P6NrNzuEn0d6eK4T7keIp7lMG_cWg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
71831
last-modified
Sun, 10 Jan 2021 14:52:52 GMT
server
UploadServer
etag
"7888b98658e8cef4a98786556ccdab66"
vary
Accept-Encoding
x-goog-hash
crc32c=vMWMIg==
content-language
en
x-goog-generation
1610290372874389
cache-control
public, max-age=300
x-goog-stored-content-length
71831
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 19:02:34 GMT
truncated
/ 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		385 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		240 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
AVmanager.js
player.aniview.com/script/6.1/ Frame 10AC 		387 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Requested by
Host: cdn.avantisvideo.com
URL: https://cdn.avantisvideo.com/js/avcplayer_2_89.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvCZwRGdTjbQjZ3NA15qBf6D_dlN5UXmXTEAzGyHSfceexCt3zYl9yrCMI65HCk9tvYolkfDxCyRPMvOPdYkLDBLQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
111956
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"903f07ee74bf08435b31bae7c312f6d2"
vary
Accept-Encoding
x-goog-hash
crc32c=X2RPuw==, md5=kD8H7nS/CENbMbrnwxL20g==
x-goog-generation
1659879239099576
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
111956
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 19:02:34 GMT
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 1012 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6830231157845370&output=html&h=90&adk=1155993514&adf=602304316&pi=t.aa~a.4086580417~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1660157853&rafmt=1&to=qs&pwprc=1850591722&psa=0&format=1200x90&url=https%3A%2F%2Funtoldtea.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660157853338&bpp=1&bdt=1723&idt=-M&shv=r20220808&mjsv=m202208080101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6bc3644e675e3ff2-22567d88eccd00bd%3AT%3D1660157852%3ART%3D1660157852%3AS%3DALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg&prev_fmts=0x0%2C1200x280%2C1200x280&nras=4&correlator=8690092849266&frm=20&pv=1&ga_vid=227435030.1660157853&ga_sid=1660157853&ga_hid=449650163&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2104&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44763505%2C44761793%2C31068863%2C31068874%2C31068520&oid=2&pvsid=2102216799556170&tmod=151776351&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=tcan46dQmj&p=https%3A//untoldtea.com&dtd=23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 17:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
3547
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 17:58:27 GMT
track
track1.aniview.com/ 		0
71 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=untoldtea.com&sn=&ic=0&tgt=0&app=&wi=600&he=338&test=&d36=6.2.41&apppkg=&fv=3&proto=https&clsid=5b543cbd-b7d0-4e15-a0a2-727a8b8d6f39&rando=29&pid=61027ad23e194874003ad256&cid=61067b580d5316705a4e4044&stagid=&stplid=&e=inventory&vi=3&cb=1660157854578
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.168.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-168-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
go1.aniview.com/api/adserver/tag/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_URL=https%3A%2F%2Funtoldtea.com%2F&AV_VIDEOURL=https%3A%2F%2Fcontent1.avantisvideo.com%2Fhls%2Fbusiness_01.m3u8%3Fid&tid=1&d=desktop&i=0&cc=DE&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_PUBLISHERID=61027ad23e194874003ad256&AV_CHANNELID=61067b580d5316705a4e4044&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&pce=1&npx=1&AV_DETDOMAIN=untoldtea.com&AV_DADPOS=3&d36=6.2.41&responsive=1&sver=2&avtoken=854577&omv=1.0.1&clsid=5b543cbd-b7d0-4e15-a0a2-727a8b8d6f39&rando=29&AV_WIDTH=600&AV_HEIGHT=338&AV_DNT=0&cb=1660157854592
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.145.157.73 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-145-157-73.compute-1.amazonaws.com
Software
/
Resource Hash
8c32c1b7d8e442ee6a3a0867370b7330ed80dfb537532aef1ab6d6a6de3e88d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://untoldtea.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Sat, 30 Jul 2022 05:10:54 GMT
business_01.m3u8
content1.avantisvideo.com/hls/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/business_01.m3u8?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d8cb6eb22a1399d3559d229a47a1f6904309fd626b819c6464b6e0927f2a7c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:36 GMT
content-encoding
gzip
last-modified
Mon, 30 Aug 2021 07:20:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P5
etag
W/"2c6285e4db7012be934829bd32597cc6"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET
x-amz-version-id
xelO8p1lKkaqhIMbmmoNIR94qCKrcS.y
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-cache
Miss from cloudfront
content-type
application/x-mpegURL
x-amz-cf-id
gdaCaFOorRVxjniCocp8NtC1xwNP1u1msFqdz5vclgzOLRd3cjcrEA==
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4701 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiSxYm4TumFWnbGK760LGsMYCR_NcsD6XfJ85aGIXiyriBlr2_e2Cw0Y0YkoiNYdUTlQiDynnPqQxPvXp--S2u6c_SSGnGU4frxZQrxD3ULUoldMYvWRi0VGKKicI6dqIatMj2qrYcUf-6&sai=AMfl-YTVf4Zq4BeH5YPnfBtjbbh5zDxzg24Zt0Q2-5iZzZBaqWRxWxQChZyCWxd8HlVtAjMEvmZ4D7kjj9r8&sig=Cg0ArKJSzO_a58nBerJ8EAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2767623100&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660157852720&rpt=889&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 02B1 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh60BF7i8yr4_DIbbCJZgU-LZtd7C_fclNZsuNWisamFF1HId94KISVCQAHpGnkX2BU7AFo4Pp-PX7o89eqp5Fw2BajLNtQREvlLQ6KV_cP2A1dvgHrwYapsqTx7BAUnbwSqHLK7gOhxJ0&sai=AMfl-YSlqE92Zw3j8b4Ls7M20nN-bPv_H9d0ip0JPgRb8ZSo--Ctrvia842YmkIr1iXum8oq4EFsbvl6c4wh&sig=Cg0ArKJSzN-LQ1X_pNkaEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,740,1000,1088,1253&tos=84,656,260,88,165&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660157853446&rpt=125&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 Aug 2022 18:57:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiesyncendpoint
sync.aniview.com/ Frame 0508
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1660157854875-935139784106-007292-010-005166%26biddername%3D55%26key%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.aniview.com%252Fcookiesyncendpoint%253Fauid%253D1660157854875-935139784106-007292-010-005166%2526biddername%253D55%2526key%253D%...
  • https://sync.aniview.com/cookiesyncendpoint?auid=1660157854875-935139784106-007292-010-005166&biddername=55&key=2251023957780120123
0
215 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.aniview.com/cookiesyncendpoint?auid=1660157854875-935139784106-007292-010-005166&biddername=55&key=2251023957780120123
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.175.105.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-175-105-5.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Wed, 10 Aug 2022 18:57:35 GMT

Redirect headers

AN-X-Request-Uuid
e17d9c10-cc24-4ed3-a9d5-5c8bc672f5d2
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Wed, 10 Aug 2022 18:57:35 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://sync.aniview.com/cookiesyncendpoint?auid=1660157854875-935139784106-007292-010-005166&biddername=55&key=2251023957780120123
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
178.162.209.135; 178.162.209.135; 958.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
avpb6.27.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame 10AC 		178 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdvNTaLMxw2N6EgSmzqLD2A5j3PUaLSy6Cil2HnG5Rf80hoKAMSFO6l2cx478bau0FgGdyk-UFJgbYeBxZ3F1KeGVmn4LbJ8
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
54791
last-modified
Sun, 07 Aug 2022 13:33:59 GMT
server
UploadServer
etag
"4ecda2f032d9e44c338b378388b06251"
vary
Accept-Encoding
x-goog-hash
crc32c=fWN0zQ==, md5=Ts2i8DLZ5EwzizeDiLBiUQ==
x-goog-generation
1659879239799693
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
54791
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 19:02:34 GMT
avpb6.27.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame 10AC 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtBCfioJdVGZ4mG498uddDCM2V-EFDSxKNEE43Gsii7Zy_jSAF_DtpuMT3TjwPVlKJEkUI5Q3uukC6eCMylvep2Fe4CRVGR
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
22126
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"2ae737f175c0550382b15b7d6f5922f5"
vary
Accept-Encoding
x-goog-hash
crc32c=MZYTDg==, md5=Kuc38XXAVQOCsVt9b1ki9Q==
x-goog-generation
1659879239872223
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
22126
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 19:02:34 GMT
avpb6.27.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame 10AC 		68 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:595::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycds0suCgssSGVzLiYo1z6SbiCdXjTbBiNOxn1AqVfXS9nB6BYCFYVlhFtImGYiow6Y3DavBYUY8y0_ebzlYrirB3Q6FJFAF_
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20618
last-modified
Sun, 07 Aug 2022 13:34:00 GMT
server
UploadServer
etag
"b4637f2b16940536698574e508f06ce3"
vary
Accept-Encoding
x-goog-hash
crc32c=yl9jOw==, md5=tGN/KxaUBTZphXTlCPBs4w==
x-goog-generation
1659879239902979
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=300
x-goog-stored-content-length
20618
accept-ranges
bytes
content-type
application/javascript
expires
Wed, 10 Aug 2022 19:02:34 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=44103&t=1660157854&cip=178.162.209.135&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660157854875-935139784106-007292-010-005166&cha=0.1&stagid=&stplid=&d35=&d36=6.2.41&cb=80695299948&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=61027ad23e194874003ad256&nid=59918a0e073ef4782e4e347f&pcid=61067b580d5316705a4e4044&ncid=5d4aab3928a06112b42d3a48&pasid=61067aa179532c5124764e75&e=request&cb=1660157854938&asid=62bbf7673eb23545e442ec84%2C62bbf76153127b16df63a515&ofpr=2.92%2C2.42&fpo=%2C
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.168.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-168-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:34 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://untoldtea.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 10 Aug 2022 18:57:35 GMT
server
ATS/9.1.10.25
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://untoldtea.com
date
Wed, 10 Aug 2022 18:57:35 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
/
hb.emxdgt.com/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=7000&ts=1660157855109&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.18.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-18-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://untoldtea.com
date
Wed, 10 Aug 2022 18:57:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
business_01.ts
content1.avantisvideo.com/hls/ 		93 KB
94 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/business_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8b5c67e2b28455a5240258ddcf5de8b0c50d02d9e30e6f56c68c354eac7cf22

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=0-95315

Response headers

date
Wed, 10 Aug 2022 18:57:36 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
Content-Range
bytes 0-95315/25229412
Content-Length
95316
last-modified
Mon, 30 Aug 2021 07:19:19 GMT
server
AmazonS3
etag
"269588b7d88d6e668387a53ce8244c89-2"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
3IXrcVAX..HXbxdjLUz1mZvvLp9c06d1
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
2PXH3XDI4suVsK0gj2jmw9xuqJwgEFZOZi--Spxbh34a5rI-oRd2ug==
2c25af5d-7db3-41c2-b41c-958c4eccad42
https://untoldtea.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://untoldtea.com/2c25af5d-7db3-41c2-b41c-958c4eccad42
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 18:57:35 GMT
track
track1.aniview.com/ 		0
70 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=44103&t=1660157854&cip=178.162.209.135&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660157854875-935139784106-007292-010-005166&cha=0.1&stagid=&stplid=&d35=&d36=6.2.41&cb=80695299948&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338&&ppid=61027ad23e194874003ad256&nid=59918a0e073ef4782e4e347f&pcid=61067b580d5316705a4e4044&ncid=5d4aab3928a06112b42d3a48&pasid=61067aa179532c5124764e75&e=request&cb=1660157855320&asid=62bbf7673eb23545e442ec84%2C62bbf76153127b16df63a515&ofpr=2.92%2C2.42&fpo=%2C
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.168.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-168-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:35 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
hb.emxdgt.com/ 		0
156 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=7000&ts=1660157855323&src=pbjs
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.73.18.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-73-18-26.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://untoldtea.com
date
Wed, 10 Aug 2022 18:57:35 GMT
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
security, Content-Type
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ 		0
19 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
x-openrtb-version
2.5
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://untoldtea.com
date
Wed, 10 Aug 2022 18:57:35 GMT
access-control-allow-credentials
true
server
ATS/9.1.10.25
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
PBJS
c2shb.pubgw.yahoo.com/admax/bid/partners/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://c2shb.pubgw.yahoo.com/admax/bid/partners/PBJS
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-openrtb-version
Access-Control-Request-Method
POST
Origin
https://untoldtea.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
https://untoldtea.com
access-control-max-age
600
age
0
content-length
0
date
Wed, 10 Aug 2022 18:57:35 GMT
server
ATS/9.1.10.25
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Requested by
Host: untoldtea.com
URL: https://untoldtea.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 18:57:35 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220808&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b865f363c19091a7db9f6d1d05da0b4510c2cae4dbf8a5431ea789743119637
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 10 Aug 2022 18:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11154
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6830231157845370&plah=untoldtea.com&bust=31068863
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 18:57:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7296 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6327
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 17:12:08 GMT
expires
Thu, 10 Aug 2023 17:12:08 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4B67 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ebc51bd1657403a4710f618f51c9ab0c038f0e2b96c6083960493afe59d0bcfa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-J83F9b_WOzJN_AEzlUkCAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-J83F9b_WOzJN_AEzlUkCAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 Aug 2022 18:57:35 GMT
expires
Wed, 10 Aug 2022 18:57:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
pagead2.googlesyndication.com/bg/ Frame 7296 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/UkaWbFdOBngpypKF1XmH91LOVqbH0hMQiz9LuN6ufos.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 17:58:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
3548
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14146
x-xss-protection
0
last-modified
Fri, 29 Jul 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 10 Aug 2023 17:58:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4B67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220808&jk=2102216799556170&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 7296 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?CDpTNg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date
Wed, 10 Aug 2022 18:57:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
check.html
biddr.brealtime.com/ Frame 7773 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
1770
CF-Cache-Status
HIT
CF-RAY
738af5471d959067-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 10 Aug 2022 18:57:35 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Wed, 10 Aug 2022 19:57:35 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
TZDfxO4uwORNUA/4irnRs9qqp9lI3eH+ruz8qqqAX5jBwgQ1rzgBbhsPKs2FgAnYzrbwWSW5JnM=
x-amz-request-id
15DYQDFYDGXZWWWF
check.html
biddr.brealtime.com/ Frame E4C5 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb6.27.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer
https://untoldtea.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
1190
CF-Cache-Status
HIT
CF-RAY
738af5471b629bca-FRA
Cache-Control
public, max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Wed, 10 Aug 2022 18:57:35 GMT
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires
Wed, 10 Aug 2022 19:57:35 GMT
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
x-amz-id-2
THBBha14TFKejWVop+slac2Gat7v7s2Fu4JGgxBkG9B75xNQjO1mn/icIaXCsUesNFddupQ0giY=
x-amz-request-id
15DG7FS62Q387667
business_01.ts
content1.avantisvideo.com/hls/ 		183 KB
184 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/business_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8d1ab29ca0c8a205ab56236a88d73741a1c77a04ea08ac9031561af09c627a5

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=95316-282563

Response headers

date
Wed, 10 Aug 2022 18:57:36 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
Content-Range
bytes 95316-282563/25229412
Content-Length
187248
last-modified
Mon, 30 Aug 2021 07:19:19 GMT
server
AmazonS3
etag
"269588b7d88d6e668387a53ce8244c89-2"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
3IXrcVAX..HXbxdjLUz1mZvvLp9c06d1
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
CyvLQqmKglWeqSJO3tYK-qc9PX9mBFWiaDDICTJ6v3nnxcWCRRBigw==
truncated
/ 		552 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
events1.avantisvideo.com/ 		0
34 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://events1.avantisvideo.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.241.52.146 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-241-52-146.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 Aug 2022 18:57:36 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220808&jk=2102216799556170&bg=!FRalFlLNAAZGjrx1Zo47ACkAdvg8Wp5EyP6DMHaGzCO1l7PGHVwlpRdtAaJmBx_zn3huJPwYBfhEPwIAAABjUgAAAAJoAQcKAENmrPZCmpJzLeCN185HfA4wPkVjyEn5XvU4rDjiAc0TXYKOGROecZoiFfGzF1kBbVFUv7uXb2h3Svdmu2vF5dqqii5smQLDfJE64ecfXdQDOmgFf41T92crbGvLOxF9oucGzbHWobmuQFDBd0qTH4Bk6WHSoloIJgjkQnGKO3yIjr2iHRPgHDgQTw9T-VTa9qoS-3E-TotodjS4g5FQoNBtOIEDhJviNKA3T421Dy7cLuJramC7RTUtG_4EkX_27HdmHns88x8NRqF0yAEAWLjzGJ5ifghi8uAEWKGD9chAi36iZGjyTbKKMWkJjb33JmEoG9AyaqBR5VT82xYrEErqpV76jkXNIPBbOYDnt5KvLNoZ64uH40vPwhWBiUYbIqq21Yb_wjgX4sLSYI6l0bBYbIAxNIqmJxJgU_xXeSrgvDH4hrZLEROS6BpjUYdw3P1M7GVT7L7J6fiHEclYlL6xAs4rVjAAplI1SLJG5pm57JhY-EsN6xh0mFZuvbwNnhbHXsWmLQFyFKuCkQPsN1yM7_A2M-eUHoX4aLUXT8k7zb95Ygp6ocsyGNTaYmQknAmUkUAO8Ygzb3mV2nv3mOIR3-Q0ZSu5n9IH9MswJc56hM7ER4wF-IkJzwA6iME7WGvhnPit0cgmPaooVsnQBN_aVlZuPjo2pc_J4bfsd0rGdkkdFg7r9LBWHD4TewUm6FvMp_YkP9iBohhvHClFS2DcE8BTaEqjD8Kbfd4NMeOjMgyfBh0C9eH9vuSyZh3_m7GY9u42xKLG3Cd9RUtsYnfgLwOHi1_aRMMZJ6C0dmNl0hjIFuF8T1bzycGtRQ8VISacu4Wm_FyYdZUhVU4GIaXIiKa2l10uwRMj-zKtDRHWqEGvnXWTYtq5MYdsNk5Xb27WgZSTKeZGXn8nP3lB7dv0Ui4C0hKVWoR5StLtXEBa37b5YfDYaOr6IG1nI0qh-uFTCzO2gydmqVZDRv7gCa36GX9DAPx-9dRM-cdxac377go0jQ42iutkQ433nkhf7YAjP1C16i66O-s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://untoldtea.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers
business_01.ts
content1.avantisvideo.com/hls/ 		174 KB
175 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/business_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6f5d5b6b9c1861b8fdfa33db0de4e77505f55a3e97d2a58a6472ccb3b19d311c

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=282564-460787

Response headers

date
Wed, 10 Aug 2022 18:57:36 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
Content-Range
bytes 282564-460787/25229412
Content-Length
178224
last-modified
Mon, 30 Aug 2021 07:19:19 GMT
server
AmazonS3
etag
"269588b7d88d6e668387a53ce8244c89-2"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
3IXrcVAX..HXbxdjLUz1mZvvLp9c06d1
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
8nZk5Oh7LAIAYG6Rm5XfY7Q66KmVtZ2ZZB02sFTae2_KC6yosxGbRA==
business_01.ts
content1.avantisvideo.com/hls/ 		194 KB
195 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/business_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
49a6110da57910dc2a54381d86a81a217790efef5baa62942aeeea76a64d3e70

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=460788-659503

Response headers

date
Wed, 10 Aug 2022 18:57:36 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
Content-Range
bytes 460788-659503/25229412
Content-Length
198716
last-modified
Mon, 30 Aug 2021 07:19:19 GMT
server
AmazonS3
etag
"269588b7d88d6e668387a53ce8244c89-2"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
3IXrcVAX..HXbxdjLUz1mZvvLp9c06d1
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
Rf0Z-JmpAhb2Lp_-fB2Iuxat4Pd-Rj-ZmtHDj12FT_GQuYOloqjeSw==
business_01.ts
content1.avantisvideo.com/hls/ 		198 KB
199 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://content1.avantisvideo.com/hls/business_01.ts?id=77c45572-d9fc-4c55-98b1-a182a93ad2ab&tid=1&d=desktop&i=0&cc=DE
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/2/2.55/libs/hls.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:2c00:1e:efeb:b400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc6c9509cf664d8ff9c0059eb2f6bcd79893aece123e161826fe682caeff08e6

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Range
bytes=659504-862355

Response headers

date
Wed, 10 Aug 2022 18:57:36 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
age
1
x-cache
Hit from cloudfront
Content-Range
bytes 659504-862355/25229412
Content-Length
202852
last-modified
Mon, 30 Aug 2021 07:19:19 GMT
server
AmazonS3
etag
"269588b7d88d6e668387a53ce8244c89-2"
vary
Origin
access-control-allow-methods
GET
x-amz-version-id
3IXrcVAX..HXbxdjLUz1mZvvLp9c06d1
access-control-allow-origin
https://untoldtea.com
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P5
accept-ranges
bytes
content-type
video/MP2T
x-amz-cf-id
0z2dPOEZIhjRjN5TiZFR63up76jv2z1qvsQg14EDpx2HxPmN2YvcIg==
track
track1.aniview.com/ 		0
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?d=Chrome&cou=DE&cos=Windows&r=untoldtea.com&rs=untoldtea.com&sid=44103&t=1660157854&cip=178.162.209.135&sn=&tgt=0&osv=10&bv=104.0&brn=Chrome&wi=600&he=338&app=&AV_PUBLISHERID=61027ad23e194874003ad256&test=&aafaid=&proto=https&uid=1660157854875-935139784106-007292-010-005166&cha=0.1&stagid=&stplid=&d35=&d36=6.2.41&cb=80695299948&apppkg=&d9=1000&AV_WIDTH=600&AV_HEIGHT=338
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=61027ad23e194874003ad256
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.193.168.14 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-193-168-14.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://untoldtea.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 Aug 2022 18:57:39 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM801ziarnZ7dMvMW9Pl4DY&google_cver=1&google_push=AehlK4AISPJJpUxUSGdLr6hAt8HxN_-8r3kefck0iKjQwYe-OQOaDzB2WzTs5ZUaDl9Vt537CXEznH2bJpOLtV4arKRypBYV52sQmNZb_dwTlk2i-N7ZxB_mfb6FPv2qoL7boTWtgrtuczoSuxFrbA-r6-DE

Verdicts & Comments Add Verdict or Comment

117 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| _wpemojiSettings object| twemoji object| wp function| $ function| jQuery object| myAjax object| dataLayer object| astra function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc number| google_rum_task_id_counter string| google_user_agent_client_hint function| onYouTubeIframeAPIReady object| gaGlobal function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| astraGetParents function| getParents function| astraToggleClass function| toggleClass function| astraTriggerEvent function| popupTriggerClick function| AstraToggleSubMenu function| AstraNavigationMenu function| AstraToggleMenu function| AstraToggleSetup function| astraNavMenuToggle object| adsforwp_obj object| e object| adsforwp_browser_obj function| checkOrResult function| checkAndResult object| socialsnap_script function| ss_throttle object| socialsnapfields object| core object| __core-js_shared__ object| System function| asap function| Observable function| setImmediate function| clearImmediate function| Dict function| delay object| _ object| IvorySearchVars function| ivory_search_analytics object| bootstrap function| loadMore object| google_llp object| googletag object| avntsWebpackJsonp number| avnts_player number| _swclk_ number| _swsts_ object| PushlySDK function| pushly function| gtag string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| avntsQ object| com function| _avcp function| Hls object| storageAni number| link number| len object| GoogleGcLKhOms object| google_image_requests

36 Cookies

Domain/Path Name / Value
untoldtea.com/ Name: PHPSESSID
Value: bc59dcbd181ffb633ea764ba5a3acc79
.untoldtea.com/ Name: _ga_M28037773M
Value: GS1.1.1660157852.1.0.1660157852.0
.untoldtea.com/ Name: __gads
Value: ID=6bc3644e675e3ff2-22567d88eccd00bd:T=1660157852:RT=1660157852:S=ALNI_MbEH5WdxlGUc4mhTU5QjupoZgPnyg
.doubleclick.net/ Name: IDE
Value: AHWqTUlhlYF7SUEIG7160tyvSiuvG4R4WRjyaV0lQFnn7BPqAJH65Ky3ktfu9SkzGvM
.doubleclick.net/ Name: DSID
Value: NO_DATA
.quantserve.com/ Name: d
Value: EFcBCQHpJoEA
.quantserve.com/ Name: mc
Value: 62f3ff9d-e7ac1-c5fb2-e4c95
.casalemedia.com/ Name: CMID
Value: YvP-nf-dH8s9GbSqNllueAAA
.casalemedia.com/ Name: CMPS
Value: 1217
.casalemedia.com/ Name: CMPRO
Value: 1217
.agkn.com/ Name: ab
Value: 0001%3AfBeCp2l5PNcBd68SDTIwQD86ChIFRXIE
.agkn.com/ Name: u
Value: C|0CEAqhrweKoa8HgAAAAAAAQ13AQCAAQpAAAAAAA
.untoldtea.com/ Name: _pnvl
Value: false
.untoldtea.com/ Name: pushly.user_puuid
Value: XaBLaozoA9bURDDnHU9bl6Cjvqdi2U5u
.untoldtea.com/ Name: _pndnt
Value:
.untoldtea.com/ Name: _ga
Value: GA1.2.227435030.1660157853
.untoldtea.com/ Name: _gid
Value: GA1.2.992690200.1660157854
.untoldtea.com/ Name: _gat_gtag_UA_105305343_4
Value: 1
.casalemedia.com/ Name: CMTS
Value: 5164
.untoldtea.com/ Name: _pnlspid
Value: 14214
.untoldtea.com/ Name: _pnss
Value: dismissed
.untoldtea.com/ Name: _pnpdm
Value: true
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.innovid.com/ Name: uuid
Value: 0b27d80b-864f-44a4-91b0-8ac29bd23051-20220810 14:57:34
.addthis.com/ Name: na_id
Value: 2022081018573400085388771038
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 62f3ff9e4533296b
.addthis.com/ Name: ouid
Value: 62f3ff9e0001e826e7afee773d40150370547d54d2f5e97c69cd
.dlx.addthis.com/ Name: na_rn
Value: 0
.dlx.addthis.com/ Name: na_sr
Value: 20220810
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_sc_e
Value: 0
untoldtea.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.adnxs.com/ Name: uuid2
Value: 2251023957780120123
.aniview.com/ Name: 2_C_55
Value: 2251023957780120123
sync.aniview.com/ Name: 2_C_55
Value: 2251023957780120123

3 Console Messages

Source Level URL
Text
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4DZI4vuyCcIO0D6-_ssZ7Dh5mEQ6HYOFziwwdMod6NksIukwZo_oQufYofT9U1cmrRkDbcS18CXotemDj87KaQ8TDqG6g&google_gid=CAESEKwXOfc8sjTznuqqh2vkBrs&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEM801ziarnZ7dMvMW9Pl4DY&google_cver=1&google_push=AehlK4AISPJJpUxUSGdLr6hAt8HxN_-8r3kefck0iKjQwYe-OQOaDzB2WzTs5ZUaDl9Vt537CXEznH2bJpOLtV4arKRypBYV52sQmNZb_dwTlk2i-N7ZxB_mfb6FPv2qoL7boTWtgrtuczoSuxFrbA-r6-DE
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network error URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAehlK4BWo8Tqla3fMdaTTwcieS3mTg0PefbxOWhheK8ctTE0G0qg6xtiQGNJidFrgpL4LmFIb8v8CPoaW0BvYmZWvlVKfNexxj-3xxZawDc8FLQ1gfDLus3AWV7pNz2PKwYGcfqUrLyxqaFqRqkRWcqrPxo&google_gid=CAESEKwXOfc8sjTznuqqh2vkBrs&google_cver=1
Message:
Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ag.innovid.com
avm.avantisvideo.com
biddr.brealtime.com
c2shb.pubgw.yahoo.com
cdn.avantisvideo.com
cdn.p-n.io
cdn1.avantisvideo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
content1.avantisvideo.com
d.agkn.com
e.dlx.addthis.com
events1.avantisvideo.com
fonts.googleapis.com
fonts.gstatic.com
go1.aniview.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
hb.emxdgt.com
id.rlcdn.com
image6.pubmatic.com
k.p-n.io
maxcdn.bootstrapcdn.com
p4-bf47mgfgf737g-fuoabo3vqvqorfw7-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
play.aniview.com
player.aniview.com
player.avplayer.com
region1.google-analytics.com
rtb.openx.net
secure.adnxs.com
ssum-sec.casalemedia.com
static.avantisvideo.com
stats.g.doubleclick.net
sync.aniview.com
tpc.googlesyndication.com
track1.aniview.com
untoldtea.com
use.fontawesome.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.17.119.107
104.18.19.126
142.250.181.227
142.250.184.194
142.250.186.98
18.195.201.66
18.66.112.48
185.89.210.180
198.47.127.19
2.18.168.242
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3a
2600:9000:223f:2c00:1e:efeb:b400:93a1
2600:9000:2250:8e00:8:9ed9:9c40:93a1
2600:9000:225e:c600:3:748e:7940:93a1
2600:9000:2490:b400:1c:38a0:8a40:93a1
2606:4700:3033::6815:3f36
2606:4700:7::a29f:862a
2606:4700::6811:190e
2606:4700::6812:bcf
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:801::2008
2a00:1450:4001:802::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c1b::9c
2a02:26f0:3500:58c::2c79
2a02:26f0:3500:595::2c79
2a02:26f0:3500:c::5c7b:6822
2a05:d01c:1d8:8101:d7b0:e7f4:5b5e:7c21
3.66.183.129
3.73.18.26
34.193.168.14
35.186.253.211
35.244.174.68
44.241.52.146
52.211.246.129
52.28.203.152
54.145.157.73
54.175.105.5
69.173.144.138
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
02485b5002931bad58070200b2d4840be5417300e68f7b56fcd8df5e89fbdb98
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
058bc5e95f1b17f0af263e284d3801d683cb0ab79cee4bd2d5265ba0e2d6b336
0b865f363c19091a7db9f6d1d05da0b4510c2cae4dbf8a5431ea789743119637
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bff5aff5bcfabd29aca883b86ccb6482d93d194fb31316b7c2df410c328514b
1050861291360164827a3ca6086d3c7db90dff9cc1791a5989d2a7263dd14444
1702c1aa97261e68dc9eda17cb00589df76b9818b1e2c77c25a0676de45c6531
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c0f750162beb4e743a4863dd1303c8e6bc266b98c7ffaf09ac2bdb2211b0a65
1dca4f2dcfb119cbe001fb3b31e559aed59674832f729fbf9170d2f23803f9c3
1f1fc7cfed804a07a47bb11a080c3251688c4df62455d5b296eed2ff806b08ee
24374f583eeb0c88723c3cb830828d5798ce87144c8ce4e32076df4786f72848
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c8bdcebfbe4caf87727b3c56442dc41a790ac80a071c4d67374f2f9bd9e2b43
2e4386cf56ad2612f0ad0526372b3d1cd96d6ecb3f32836f141aa28207b3907e
32a1cde1991233c6fe4790f961de3c85f8db74b00a4600db6ba33501edb5b700
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
3c94d07090acdd3c44fa5f23a2c957c961c7413129f068acecf17f1402102c4d
3d339d8964a7cbfedf6d7bede292d224a5fe885ee37ffc9ee1a9220851a1ee4e
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
3ee8bca9706805a98eb1ff3c431c9e6d08f0fde99ba728f6d3377c9fa7ac542a
41047c2e405e4a81db54ad12b94fcf1af427192f1dc192a3af2d6461fb197217
41c8460c9c718fb0e8c275b7baa9083f5477ec0919bab552ef952ecee74c567b
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
480bdda1ce1c9c467a21cd8446497704899187d792fb0c9cd26e1b7f925a101a
49a6110da57910dc2a54381d86a81a217790efef5baa62942aeeea76a64d3e70
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4c72c178e392f4cbecee8ef6cfe8857e6042ecaa2277eb6ccdcb7212755c69fa
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d8cb6eb22a1399d3559d229a47a1f6904309fd626b819c6464b6e0927f2a7c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51bc3ec40ff505092c6238dd0c859620b7f2bf1133480138de455706293d2d95
5245a60b30f299f5bc4e97c9651c2656182e7ed0557f9cbc98e8f6617713d101
5246966c574e067829ca9285d57987f752ce56a6c7d213108b3f4bb8deae7e8b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
59447f4df0ba3b68e2ac9fbc2b29bb1836a9d686f35dbc8ae6ff21ff80a971fa
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b9392d4e02b4ad7004ce64bd640f411d9a2e5bfaf45139eed02ee5f4cd9d429
5c412419bd084f758e76a6dde939c0f2d5a92a4b46f5cb3662c223dc1321dc8f
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5ca1b8a622a6bdc80364d3a3b765e640162d7f40bc82a9724705c710552f46e5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
642097d98bd337a2a69e71e33446f47caa2090f83e34ac744d808950bcd194b2
6830d2cbbe2f4c359c873289bbeae9658100a5da81fe00270a7aab7c27cfcee6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c7563d56a2e9debb0d9e112ba61a8cb8851ad0c3a5fd5cb12075b0f21bb7ea0
6df2abe41f0b21176c18c31cd1fcbb7ba823bcfebb5ccba9c33b65f1d6b63a9b
6f5d5b6b9c1861b8fdfa33db0de4e77505f55a3e97d2a58a6472ccb3b19d311c
751852d9557e61a5f68042db999aebb1f5b51901209cfa11dc16e1afaa037141
7528e02359e1b7be3fc4ab11fb535bad3ae0517811fd2dcb4b1a640b99eef509
7576df0ee834d1e20a0f4abd956836662aecff4a4d380893e564299d3615d30c
78ac130c63de5971ccd1c789fcc4cde8c56592d173fbd4ce18d54d4bedbb3441
7903576385bd1bfc61197245f1a37832b44b54dee0b383b043a09b44420622f5
7a0f1c6b1e996a2b0f7d70cfe22c8607569acc3ca480af1f703ec61ef7e1fd43
7f8f4a16467c23ae2fd8e0b94ffac451bd278f91551632c63a6a309f36af4b0b
82df16c2b9566862302bf45688a07667a9e658325d3fb54e5dcf9482306a39fa
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
876d023d9d10c97941b80c3b03e2a5b94631ff7a4af9cee5604a6a2d39718d84
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
87c3d31ca6ed4abd12c49ff55d9f8cd7423e94e6ae4e18af2cc5d20971856d93
8886097d7db5d7039926bca67738c05ecb2f56dc915bf38ab14284b62c5f7374
88e739a5fa7619655939e64c553ca58df87302f8773512d5ee25ce4b4ebe246e
8920176024bcd1125f115e463b13d79862d26782882e858546330ce51627e3b6
896e4d89ac5b24a26055d5cb2729cccf1c6aa3272eb7855b409461fef56991df
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8aee6d7e6d51e6d543f52ac97a4a1633a6c07a12eb955c8603fff01a357297f5
8c32c1b7d8e442ee6a3a0867370b7330ed80dfb537532aef1ab6d6a6de3e88d4
925b9584bd4a9328e5a11c4a4f9791d9f1274eb3a61fd20bcbbe1c6a37c72860
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
92c4f926de2397eb436550ea57ef9c8b4fdef260363b76ca8d190ee6dbaaa332
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98b9f3c43e7113fc174844b48fe8fb299c32fd2232b6e92306648071883ff96a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff07ed2c891ed887a0e9eb61461ca9c00277a27fd98d73e40d60b91b2eb86f0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1a86586e73a2daff4b9bccc2eef0e09c34c1683c5487e710a7f10c742f6bce0
a1bde9723707120c185a30d2e857a8a02a71fa16b6a78b9e6e84121aa4be000e
a2ab367a4a8f768121fb5441a3bfb48eddcb4c01192955a39f25cd1e415b7010
a36748707c0b45b1235bba73dc3ae3704ae9df49e2ec20744303830b1232c7d3
a3fdae2cfc9e0859de861378558eb0075c08fcf9b2511b6ba1475c02baa139bf
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ac95966b650e8965bf7c8073300b44b8fdb2577d74032e51f89ab2ab7eaeac
ac04eeafb37af7a83cf04b1140084bccf6b1a7f0945dcc6991e72e177a8cda40
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad3f23350801bfb77e60e7d8a2ac6e4be42ff80de8058ec36a1a05872260efe6
b0fadf75681475e975bd2bdaceac6c08e8f5ef06f9a1c7fe9f3f7a571f5bc935
b394d33b2a7ec654a6b037ebfda6618341b3f897a362be624c923c2711b54a43
b72805902e02fb3e4dd61d116e8f34a240f5609bdfb0c699ffb950a418e5a162
b8bc5dcbe30b9542978d369b8c9123caa8e9694c34940447e131d57a6ca2b02b
b9a73858c84135c123879eaff2d94ca31f2a9397ac1408cccccd87350919aa8a
ba3648c632bb816e323681540d25397c5a9bae8d6b0f2655d1cd17a580deadff
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c410269a4fbd77addf6b06836154aaf1255d6f603c31432e07db1c071edec097
c99f9dbea763d06c3cda7a4642534c9373f397b68f59083e9c5871cd39f525bf
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
d66b4e8556dec780a3be1e72c2bacfac5f379f6977f2886254908e5f87db6bd6
d7471e3df1ba49ecc8acc2dc6d8c4c3619f1a8e094050bdb2432c1cb2548468d
d7705700d24d5919255576642ad2c28bfc790390b7183a369038ff5c1e814d51
d8a957038679125d4840554fc43375697e662283121561afdefc2c3fbecaf729
d8b5c67e2b28455a5240258ddcf5de8b0c50d02d9e30e6f56c68c354eac7cf22
d8d1ab29ca0c8a205ab56236a88d73741a1c77a04ea08ac9031561af09c627a5
da45ba0d70deb9fb60469491a48b8d3c35de86919a7a3a50a63f439e622321e4
dab5fc88424d51257fc91bb0cd946e4f61dec6af379c8c6659a4e4d231ff607b
dc6c9509cf664d8ff9c0059eb2f6bcd79893aece123e161826fe682caeff08e6
dc7b416d08b0b6df07d09871e6cfbf0d6b9185b156c5b147b1e84d9b68f28adb
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eaa3d12c6890efadb732d28d679f37a9d9f513ac686e7de453e82000612a7536
ebc51bd1657403a4710f618f51c9ab0c038f0e2b96c6083960493afe59d0bcfa
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2fad7a0d8b919e9de69ae754cccb5644fb41e2f34664bc33999777fc4a4e3fc
f43e1900b996638dcb8c823b8d34f0c15b64b6466daa544779373475688bce47
f80227b4af6c3daaddcd249fa6b44c7d56600fe6c84b537da001df6aae2b8647
fb35ebb5f496f09ed4148015a0c3f569595d38d6214bc5d00941b37464782290
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce
fe189a28839242c0f4fcf2d4a77fb62b775fc9b2b09ed12f2e02e2799f931673
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e