beauty-upgrade.tw Open in urlscan Pro
2606:4700:3035::ac43:dc65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://my1312-hat-23be.googlerootmm.workers.dev/
Effective URL:
https://beauty-upgrade.tw/
Submission: On January 31 via api (January 31st 2022, 9:01:37 am UTC) from US — Scanned from DE

Summary HTTP 124 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 30 IPs in 5 countries across 20 domains to perform 124 HTTP transactions. The main IP is 2606:4700:3035::ac43:dc65, located in United States and belongs to CLOUDFLARENET, US. The main domain is beauty-upgrade.tw. The Cisco Umbrella rank of the primary domain is 501296.
TLS certificate: Issued by R3 on January 2nd 2022. Valid for: 3 months.

This is the only time beauty-upgrade.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3037::6815:2c55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
29	2606:4700:303... 2606:4700:3035::ac43:dc65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:4700:303... 2606:4700:3037::6815:4e07	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
4	119.63.193.220 119.63.193.220	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:215... 2600:9000:2156:9800:14:3d35:8f40:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	23.203.74.175 23.203.74.175	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	3.34.81.245 3.34.81.245	16509 (AMAZON-02) (AMAZON-02)
1	3.37.34.240 3.37.34.240	() ()
1 1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	3.39.1.210 3.39.1.210	() ()
124	30

1 2606:4700:3037::6815:2c55 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

my1312-hat-23be.googlerootmm.workers.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2606:4700:3035::ac43:dc65 (United States)

ASN13335 (CLOUDFLARENET, US)

beauty-upgrade.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:3037::6815:4e07 (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2156:9800:14:3d35:8f40:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.ptengine.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.74.175 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-74-175.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0517484124fa920bd39ee4b495055c1f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.34.81.245 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-34-81-245.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.37.34.240 (None, )

ASN- ()

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.39.1.210 (None, )

ASN- ()

adx.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124 0517484124fa920bd39ee4b495055c1f.safeframe.googlesyndication.com	390 KB
29	beauty-upgrade.tw beauty-upgrade.tw — Cisco Umbrella Rank: 501296	1 MB
10	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 197	185 KB
7	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	126 KB
6	popin.cc api.popin.cc — Cisco Umbrella Rank: 19646 tw.popin.cc — Cisco Umbrella Rank: 61864 r.popin.cc — Cisco Umbrella Rank: 22158	118 KB
5	dable.io static.dable.io — Cisco Umbrella Rank: 16741 api.dable.io — Cisco Umbrella Rank: 16013 r-log.dable.io adx.dable.io	35 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	59 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	197 KB
4	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 934	175 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8028 www.google.de — Cisco Umbrella Rank: 5557	1 KB
3	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	400 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	31 KB
2	ptengine.jp js.ptengine.jp — Cisco Umbrella Rank: 120162	71 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	65 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 777	650 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	46 KB
1	workers.dev 1 redirects my1312-hat-23be.googlerootmm.workers.dev	570 B
0	daum.net Failed analytics.ad.daum.net Failed
124	20

	Domain	Requested by
29	beauty-upgrade.tw	beauty-upgrade.tw
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
8	pagead2.googlesyndication.com	beauty-upgrade.tw pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
7	cdn.ampproject.org	googleads.g.doubleclick.net pagead2.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	api.popin.cc	beauty-upgrade.tw api.popin.cc
4	connect.facebook.net	beauty-upgrade.tw connect.facebook.net
4	use.fontawesome.com	beauty-upgrade.tw use.fontawesome.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.facebook.com	beauty-upgrade.tw
3	fonts.googleapis.com	beauty-upgrade.tw googleads.g.doubleclick.net
2	api.dable.io	static.dable.io
2	www.google.com	beauty-upgrade.tw tpc.googlesyndication.com
2	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.de	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	js.ptengine.jp	beauty-upgrade.tw js.ptengine.jp
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.googletagservices.com	www.googletagmanager.com googleads.g.doubleclick.net
1	adx.dable.io
1	cm.g.doubleclick.net	1 redirects
1	r-log.dable.io	static.dable.io
1	0517484124fa920bd39ee4b495055c1f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	static.dable.io	beauty-upgrade.tw
1	r.popin.cc	beauty-upgrade.tw
1	tw.popin.cc	api.popin.cc
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.google.de	beauty-upgrade.tw
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	beauty-upgrade.tw
1	my1312-hat-23be.googlerootmm.workers.dev	1 redirects
0	analytics.ad.daum.net Failed
124	33

This site contains links to these domains. Also see Links.

Domain
line.me
www.facebook.com
www.instagram.com
www.youtube.com
www.tiktok.com
timeline.line.me
twitter.com

Subject Issuer	Validity	Valid
*.beauty-upgrade.tw R3	`2022-01-02` - `2022-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-07` - `2022-07-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-09` - `2022-02-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2021-10-22` - `2022-10-22`	a year	crt.sh
*.ptengine.jp Amazon	`2021-08-24` - `2022-09-22`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
static.dable.io R3	`2021-12-28` - `2022-03-28`	3 months	crt.sh
*.dable.io Amazon	`2021-07-11` - `2022-08-09`	a year	crt.sh

This page contains 11 frames:

Primary Page: https://beauty-upgrade.tw/
Frame ID: 87DDE64B813645201ECAFE31F255482D
Requests: 77 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html
Frame ID: B9BF5E461F1B79F343862D606A6CF0D4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&h=300&slotname=1904914005&adk=3948927683&adf=3002900970&pi=t.ma~as.1904914005&w=350&lmt=1643619690&rafmt=11&psa=0&format=350x300&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690383&bpp=4&bdt=528&idt=207&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&correlator=7806545175662&frm=20&pv=2&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HMn5XfBWTv&p=https%3A//beauty-upgrade.tw&dtd=226
Frame ID: 719391C2D1C19E30B3128AE27E5632E6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&h=300&slotname=7753913158&adk=1337076885&adf=3061535993&pi=t.ma~as.7753913158&w=350&lmt=1643619690&rafmt=11&psa=0&format=350x300&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690388&bpp=1&bdt=533&idt=237&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=350x300&correlator=7806545175662&frm=20&pv=1&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=slewYWTWzU&p=https%3A//beauty-upgrade.tw&dtd=246
Frame ID: A48B04BD6869AF8E7186CAA64C212BDA
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&adk=1812271804&adf=3025194257&lmt=1643619690&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690392&bpp=2&bdt=537&idt=252&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=350x300%2C350x300&nras=1&correlator=7806545175662&frm=20&pv=1&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=257
Frame ID: 85CC4FAE7AE93E178DBF710EA0F44B97
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: EFDCFD79565937DE451DC2341152D991
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs
Frame ID: ABC2625F1E0F40B79CC0B87A2150C999
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js
Frame ID: 5192995A839DAE43A829FABC8CA75BF6
Requests: 1 HTTP requests in this frame

Frame: https://0517484124fa920bd39ee4b495055c1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C9793216781B2F8C7BE5B6E139A35210
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B54170582B9035D89CEECDAE5C863DB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0213A7A523F7A6F4E310514BE1777C85
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

美力升級 Beauty Upgrade | 陪你一起美力升級Beauty Upgrade

Page URL History Show full URLs

http://my1312-hat-23be.googlerootmm.workers.dev/ HTTP 307
https://my1312-hat-23be.googlerootmm.workers.dev/ HTTP 301
https://beauty-upgrade.tw/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Ruby on Rails (Web Frameworks) Expand

Overall confidence: 75%
Detected patterns

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Page Statistics

124
Requests

97 %
HTTPS

71 %
IPv6

20
Domains

33
Subdomains

30
IPs

5
Countries

2974 kB
Transfer

6450 kB
Size

15
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://line.me/R/ti/p/%40ikr6163g

Search URL Search Domain Scan URL

URL: https://www.facebook.com/beautyupgrade.tw/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/beautyupgrade.bu/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCvOoPBv_a0MIZnUfah4wn5w

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/share/user/6518456912437772299?&u_code=cla6k9l0jjmhjm&language=zh-Hant&timestamp=1555560649&utm_source=facebook&utm_campaign=client_share&utm_medium=android&share_app_name=tiktok&share_iid=

Search URL Search Domain Scan URL

URL: https://timeline.line.me/social-plugin/share?url=https%3A%2F%2Fbeauty-upgrade.tw%2F

Search URL Search Domain Scan URL

URL: https://twitter.com/share?url=https%3A%2F%2Fbeauty-upgrade.tw%2F

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer.php?src=bm&u=https%3A%2F%2Fbeauty-upgrade.tw%2F

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://my1312-hat-23be.googlerootmm.workers.dev/ HTTP 307
https://my1312-hat-23be.googlerootmm.workers.dev/ HTTP 301
https://beauty-upgrade.tw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm HTTP 302
https://adx.dable.io/pixel/google?google_gid=CAESEB5AFjHFqrgx4jvFAsvhU78&google_cver=1

124 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
beauty-upgrade.tw/
Redirect Chain

http://my1312-hat-23be.googlerootmm.workers.dev/
https://my1312-hat-23be.googlerootmm.workers.dev/
https://beauty-upgrade.tw/

66 KB
22 KB

664ms
398ms

Document
text/html

2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://beauty-upgrade.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

283f94f6915aec886c5e39ad4fea18425d60fe2e24ed903c66f9252f2ad48ee4

Security Headers

Name	Value
Content-Security-Policy
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 31 Jan 2022 09:01:29 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: max-age=0, private, must-revalidate
content-security-policy
x-request-id: b1f09370-ee35-4d48-bd12-2822117e44b7
x-runtime: 0.087697
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rm7v29ay7vwzkarwAXRmPr64pUXTlswKchcjevc3HnC5LYuAAQCfwY44kCTKSXLAdUic2gTBwBMqhNlJgw%2FbsZhWmsejwn253aSuxh5tAzciw0i7HL8joX2IeblkI7Mt8m8aDv7Eef7BPSWZCgtMMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d61c1731e58927d-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Mon, 31 Jan 2022 09:01:29 GMT
content-type: text/html
location: https://beauty-upgrade.tw/
cf-ray: 6d61c16c4e116903-FRA
via: 1.1 vegur
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=koPlcUxf0vWsHgVVS3NlfBUx24aLI26diZI1sGXrCywTI2COhGfZ7wrBzasEkYdixgPE1yFygvELbY7qMZnGwF0%2FAM1FCwC1oovxgJ3PzYNKWfKj9AZWkbAG8phgmGvLv7MYa401VH99gMIyKEUp%2B1uc6ZqmX3bnREB1U3ax7vgRg%2Fu4uhkV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 all.css
use.fontawesome.com/releases/v5.10.2/css/ 55 KB
13 KB 39ms
17ms Stylesheet
text/css 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Request headers

Referer: https://beauty-upgrade.tw/
Origin: https://beauty-upgrade.tw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:29 GMT
content-encoding: br
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 475043
access-control-allow-methods: GET
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: PEM68F94KKPQBAHC
x-amz-id-2: IxN/+UrdgqutSgLnic1rr9EOAKZ3fjPvJYcTmbtiqXuRc6Vi/hZlh7WcT4tiIo6Tf4FcaF5jHz4=
last-modified: Wed, 30 Jun 2021 15:36:08 GMT
server: cloudflare
etag: W/"164a58dcca37a5b00c22e06ee8e2fc68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CnkHrr%2B8cPh9sVde%2BzScLnQFczUvoDXp3xQBvinEZkARiHcS2GqNrYqMTRnJHkV1Cj%2B%2FQ9eOCec7mD8qYtALwjR8OS5lxEXzPjJBX%2FmZq%2FNPcOLvSDNu8QdNgVhL%2FwJ17Asl8obljihqPxCxdZKPsDlP"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6d61c175d8c6923e-FRA

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 149ms
65ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4aca25e7ddb67eb2f6e25cd141dac926129abee9c87d81ddab948cfd6cae21cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52085
x-xss-protection: 0
server: cafe
etag: 2570581246276342115
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 09:01:29 GMT

GET
H2 200 application-ab2cabd3.css
beauty-upgrade.tw/packs/css/ 191 KB
27 KB 19ms
18ms Stylesheet
text/css 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beauty-upgrade.tw/packs/css/application-ab2cabd3.css
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2237d91e89de64f84f7ce13b06124b3820b6b5676f973ea2587258eb99ad50

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505076
cf-polished: origSize=196283
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 12:43:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qf1iNZSzkIlZXCzfTOWD%2Bw0RWmowkpGVcpFCF9nxXnNYxWTIFJ17cU9NFjABDUQvNet%2FUXCdEJpXHp2pd%2BLmo5OQwql3NwOnvTNogNNdSw76%2FtRlVzUv5tSrnW9zzYwdvIlh82%2BlYXyeDU9Gx3DXRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 6d61c175bcd2927d-FRA
cf-bgj: minify

GET
H2 200 application-8da27f20d10a1c8bdd6bd6239a31b50363263ab75b79fc16e27dbb42afb4fca9.css
beauty-upgrade.tw/assets/ 480 B
691 B 17ms
16ms Stylesheet
text/css 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beauty-upgrade.tw/assets/application-8da27f20d10a1c8bdd6bd6239a31b50363263ab75b79fc16e27dbb42afb4fca9.css
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5ecfb939562146e97d8495e51811ebcad4ce32f3e7ee205ae0067a0f1854315c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505076
cf-polished: origSize=492
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 12:43:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XxpM5GntobJ7GG2QG%2F3BqYu6HgqZ2Kk1S%2FQ167IW312YMbcyvoHZPg6OlRG%2BITHxMrpmszUP0eOP3S7bGOK8c10g%2FyiZbbKAky%2Fz6ktm8k4NmiHqbg1Cy9W5EdhIfLW2Qhii%2BT%2Btdhep4eXFM%2BUKhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 6d61c175bcd4927d-FRA
cf-bgj: minify

GET
H2 200 application-0930c51fa5da74a404fe.js Show response
beauty-upgrade.tw/packs/js/ 959 KB
254 KB 27ms
26ms Script
application/javascript 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beauty-upgrade.tw/packs/js/application-0930c51fa5da74a404fe.js
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3833674267350b33175e103aea03cdecfadd06d54288e1725b6c02a1a5b0d0da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505076
cf-polished: origSize=982094
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 12:43:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ohMWNxJ2cSVmfVJNDmfjSWr6dEQZG6jYbwWgnDw20qE3%2FbXlEHV%2FOHnGWA%2BiaVBKoohqxUXWF%2BfZGxYZqPvTXPw4NMjVdbsg%2Fb2e2RY%2BsUXlstNcz4NBRHMZTNNYICPo3T7Gi%2Bt1xh21JnEIqB7Jfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 6d61c175bcd9927d-FRA
cf-bgj: minify

GET
H2 200 application-130ff0e0c1bf488bebae0987356a9e91688d7cc8eaea576e715d8981f766f7f4.js Show response
beauty-upgrade.tw/assets/ 39 KB
12 KB 20ms
19ms Script
application/javascript 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://beauty-upgrade.tw/assets/application-130ff0e0c1bf488bebae0987356a9e91688d7cc8eaea576e715d8981f766f7f4.js
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 185337a2e6b4db84abe97e265527448cced24043e740754b935bd23087cc4f66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:29 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 505076
cf-polished: origSize=40316
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 25 Jan 2022 12:43:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=71pZtn9fJPYgdDGCW9UISRJFqVe%2Fxzpyx8Yog8rwanlo9eaGlR%2BQIdYK1XkjNwhE41sRFTsulvmWOd6EmKphlbLfcypoZ4zCnrYm4d4869DJA08q2%2BZxevtM1%2FFK%2FMtIC5ZXaOoXqB3kBiEOOUxcjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 6d61c175bcdc927d-FRA
cf-bgj: minify

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ecca15ce8c23c1788d52d17050e780228715017b17ff5c51825d85619bb5ef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beauty-upgrade.tw/
Origin: https://beauty-upgrade.tw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: p9hArSRkw0bBxioqgAEikQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-ua-compatible: IE=edge
x-fb-debug: /r0ELEoTGlif9bygO16JdL6iffFNA6RXSsSiWAYZKjRAEkV8elxkSz4sSA9ntkc749A2axFq53xunZ1Jw/06bA==
x-fb-trip-id: 686109401
x-fb-content-md5: 4b088cdf1968f1de2080b7033aba96ce
x-frame-options: DENY
date: Mon, 31 Jan 2022 09:01:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3306959cb31ab2e3ccf4e6ab196749da"
timing-allow-origin: *
expires: Mon, 31 Jan 2022 09:01:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 128 KB
46 KB 153ms
68ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8Q35

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1252c3bdeb216a3e70e0719c9d03850e0ecd37f0f9eb98de4c3b966b1d65d083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46847
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:01:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 105 KB
29 KB 153ms
59ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=ZCOOL+XiaoWei&display=swap

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/packs/css/application-ab2cabd3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

885cbf06b8ae0f423349f0987996dafb05c810033368bda2657f366c66ee4639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 09:01:30 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 09:01:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 09:01:30 GMT

GET
H2 200 nicomoji.css
fonts.googleapis.com/earlyaccess/ 586 B
675 B 147ms
54ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/nicomoji.css

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/packs/css/application-ab2cabd3.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8cdece7cf20ac6ffc2a137d4beb1750c7479cd675f0b9977e751300f1d7154c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:01:30 GMT

GET
H3 200 %E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-2021-01-20T125158.909.jpg
beauty-upgrade.tw/wp-content/uploads/2021/01/ 42 KB
43 KB 20ms
20ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2021/01/%E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-2021-01-20T125158.909.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e5b748d6ba91870c0397279cb5e2dda22df263a34389b6dfaa89393debbb8e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2159
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43125
last-modified: Wed, 20 Jan 2021 03:52:40 GMT
server: cloudflare
etag: "a875-5b94ce2fe871e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glQGtdDq5eNCrS2xj2bP0CnfW%2FmnMsXLv92K28ivhfH1%2BWNEO1OoRqVt3AT1JNJ9Sp0JJFjsRVBMr6WHYZIKYNV5DY5Z7njcQNhgv7RA%2F4QrRp3n9ARg06n3VA1CcbmIiFOWTWRtBR9XpF6lYWYH2g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1773c3e9290-FRA

GET
H3 200 cover.jpg
beauty-upgrade.tw/wp-content/uploads/2020/04/ 37 KB
37 KB 30ms
29ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2020/04/cover.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c78b4de720c4aa63376cbcf1a526a69fc7134cb7da8c6bf9939dcec806effd2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 37391
last-modified: Wed, 15 Apr 2020 09:34:54 GMT
server: cloudflare
etag: "920f-5a3510758a076"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2n3yVHXWI1oI8omE7LF4r9wfSG4veRcI8%2F0yiw%2FiWHSk8msZ7xWlg2XJ1mfwcaDOFLyjmDRjRtYTegZS9rdoOFnohXjrSrrRp8gymYIA6kZqegWGPXi3TlxsdYD9sXROtzAH%2FoD%2BzhhOXul2E1C3%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1778cd39290-FRA

GET
H3 200 Untitled-design.jpg
beauty-upgrade.tw/wp-content/uploads/2019/12/ 40 KB
41 KB 23ms
21ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2019/12/Untitled-design.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a4017778e6ddb534b9a584ce8eff7f14cc3c5f4f2fa2aecdbb8fdebdc148a4e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 804
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 41368
last-modified: Wed, 11 Dec 2019 09:29:54 GMT
server: cloudflare
etag: "a198-5996a4570e38c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qIuvrMefKpIB1DJ2rY32aP2Ofw9eWW3hBgGCxqW7axNVeZWmoictY8Qs%2FFBrb1VorMg9jWvoBHxCLK4OmVfR6j2MS7BMtNWJYib84w5KyQ2Ho2%2FDqRXRudqX5AaULpGD9jF2ZeFj8pQ3mr1SbQrkMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1778cd49290-FRA

GET
H3 200 %E6%99%9A%E5%AE%89%E5%85%A7%E8%A1%A3%E7%9D%A1%E7%9C%A0%E5%85%A7%E8%A1%A3%E6%8E%A8%E8%96%A6.jpg
beauty-upgrade.tw/wp-content/uploads/2020/06/ 32 KB
32 KB 32ms
30ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2020/06/%E6%99%9A%E5%AE%89%E5%85%A7%E8%A1%A3%E7%9D%A1%E7%9C%A0%E5%85%A7%E8%A1%A3%E6%8E%A8%E8%96%A6.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7812233493c564ee5eb2bcd8484cb4a0fcd06776e464685cd420635939918afe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 32263
last-modified: Wed, 03 Jun 2020 10:02:15 GMT
server: cloudflare
etag: "7e07-5a72b1f67bc74"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ns6Otj9voDyfqNGYYqHK%2BYdnXX%2BvKP62xBVNdR8JegKmtsODytSGyES4beyZixg9YMVo8D4Ibv8n1W7Qz5jBibGPakU4nJ0oXUALhip2b2npCGcUULYksFYNzczIQcYhtiDlFcvPADnjkeJXhp9fUQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1778cd59290-FRA

GET
H3 200 collage-2.jpg
beauty-upgrade.tw/wp-content/uploads/2022/01/ 66 KB
67 KB 40ms
38ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2022/01/collage-2.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb20d115c3491d0bd807c03a870b8f584c062d801ec89e2a094b9ea86857dd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2158
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67534
last-modified: Mon, 31 Jan 2022 04:14:51 GMT
server: cloudflare
etag: "107ce-5d6d906a50af8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pYf3u6GvMZpbuXs3KPFNl4xINETf%2BlFz03p1oHBz%2B77zLx3X1LHjnAUQNHbq2E9n4EzwcCXcUhoXN7ujheyll%2B5aKp8Ao6cBBLuDEsagdAEr9d7r%2FUtMXpOgae9tkYrTc2jiGjpaVn2KScgsLUNelA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1778cd79290-FRA

GET
H3 200 collage.jpg
beauty-upgrade.tw/wp-content/uploads/2022/01/ 62 KB
62 KB 42ms
40ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2022/01/collage.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 140b2a2309a40c4f101c6311e73b8f501418ef6a69c42e81f7961b0fd4066572

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63223
last-modified: Mon, 24 Jan 2022 08:47:13 GMT
server: cloudflare
etag: "f6f7-5d65003d158b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GipYKQI0kVr2h47%2FFjLYRSH%2BSk0WpMcO6s1pX7ghLtowt9z3hq5Pg1kLFakIB0nksNrQlaoO7CZ%2BS3tOTJWvCkwy%2FrGuUqpFEYxp072QCWkQvEEzpe6qFe%2BLdmsRclhpOCme99AGPI63OScD4qXZgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1778cd99290-FRA

GET
H3 200 %E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-1-7.jpg
beauty-upgrade.tw/wp-content/uploads/2018/12/ 52 KB
52 KB 49ms
47ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2018/12/%E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-1-7.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae04949152b6bf5b6d194a56292c7ad4015200235404eca8e6fe676a0cd66b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53031
last-modified: Thu, 27 Dec 2018 03:18:42 GMT
server: cloudflare
etag: "cf27-57df8674e86de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3EjvnHp2R%2F5xFe1JGA6qKPnnCca3OhCS%2Bcn8mXOsexspcIy6wNprFhcKxCCnPeJ02xqSxubPornOOSDK4OuYn9LHIgGh%2B360FAvWQ3FhMqWm460Yp%2FmH3wUEuSRHNS%2Bl5k8gyzHJI7S9C8C73p4H1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1778cf19290-FRA

GET
H3 200 %E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-6.jpg
beauty-upgrade.tw/wp-content/uploads/2021/02/ 61 KB
62 KB 50ms
48ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2021/02/%E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-6.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8caf2ae9969d0ce386addf04c53d2b7fc7548d0328099329ed68300959b4e47b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 800
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 62510
last-modified: Mon, 15 Feb 2021 04:38:32 GMT
server: cloudflare
etag: "f42e-5bb588ee88ca3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a1jc%2FWDmwUpFDEhyUw3hUOIymMTXXewoXFViaGxw3sOPFCG9JvNbO%2F43CjoQwRZmduGm31MVGiJJ%2FxPQ56OFkr2EBkyE8LLW9wjA0BysTeCvZcS2fjqsuFA%2BGq%2B%2Bv%2BSJ1GdMZ5T55xNEBn8jS1L8Kg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1778cf49290-FRA

GET
H3 200 %E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-6.jpg
beauty-upgrade.tw/wp-content/uploads/2021/04/ 23 KB
24 KB 469ms
467ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2021/04/%E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-6.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c59b0a807889fa50043a800ac58dc2abae8d2e8e96b6decab6dd038811698c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: MISS
last-modified: Mon, 12 Apr 2021 07:37:47 GMT
server: cloudflare
etag: "5dd3-5bfc1970bb5a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MXhY%2F8um%2BspJQEBBMwHcxxvuy2TT1rC%2Bt%2BMhte7J1BZRP8zwxEfvr6QG5wjpqRNhoPKeXcLlHH3DrEqP1U33dX4IDDb%2FmA3UQk%2BJ%2F5kaRkBZcZQtZypsabiJREsgWWg05asoEplSZqgb%2BX%2BrA3rIw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d61c1778cf99290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24019

GET
H3 200 collage-1.jpg
beauty-upgrade.tw/wp-content/uploads/2022/01/ 45 KB
45 KB 585ms
583ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2022/01/collage-1.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 95b6ae8d835a43eb61c658e1804398a616074e2ad6b071ea2fcdd3818064f2ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: MISS
last-modified: Mon, 31 Jan 2022 02:53:04 GMT
server: cloudflare
etag: "b2e7-5d6d7e22edb1e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=03PY9DF5K%2Blm6k3TcwGPVvn4w8i1%2BgkqRh%2BhFJxjFY4stjkOIXdd0Y%2FbYBp3iUyX3QvgN8I6jxsEhrhBUYJ1xmGaFJHJHUxrVpTW%2FDf5dtlO1h9%2BtWnAHmouFPvfS%2FrVtrl5txHH7ANSkACeMWNaPw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d61c1778cfa9290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45799

GET
H3 200 next-8125e7832b237253c3d448897cd899cb9834fa7fbd2b486756b0a834760e3ae1.svg
beauty-upgrade.tw/assets/ 494 B
835 B 313ms
311ms Image
image/svg+xml 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/assets/next-8125e7832b237253c3d448897cd899cb9834fa7fbd2b486756b0a834760e3ae1.svg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8125e7832b237253c3d448897cd899cb9834fa7fbd2b486756b0a834760e3ae1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Jan 2022 09:01:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ezkA2TI1cWeJhvMAHpW%2BYnuL5KXEkJMfY677crPZte2kHnxXWr9Ly28B%2BwRrCXaVjs10shAP%2BsM69TVAl1ne18TzqRpztd%2FOZwfc0LMpJyfdRkpVNWfRWmXPE2jVybvWWSl6uLO70RPxNkTxtJRNgA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d61c1778cfc9290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 prev-8937a1398507aade032e80c8de86bc1787aac872c4bbefb460514a37fcace993.svg
beauty-upgrade.tw/assets/ 483 B
833 B 322ms
320ms Image
image/svg+xml 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/assets/prev-8937a1398507aade032e80c8de86bc1787aac872c4bbefb460514a37fcace993.svg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8937a1398507aade032e80c8de86bc1787aac872c4bbefb460514a37fcace993

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 31 Jan 2022 09:01:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uePrnK0dhON9CWAALDWllNOyyU7CGZQxc82wp%2BW8A5tR3LeT23nwCUgiR5ID%2Bn7RRjUm3dNY4DeBAL1PVE2b0L5gTGif2ATIPc2t%2BOfGp5PbxFab4SNQ65Q3TlvYmEEee%2B4zXXdCt05HOmv3ge4%2BqQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=315360000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6d61c1778d029290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/ Frame B9BF 10 KB
5 KB 122ms
38ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220126/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Sun, 30 Jan 2022 15:32:23 GMT
expires: Sun, 13 Feb 2022 15:32:23 GMT
cache-control: public, max-age=1209600
age: 62947
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/ 74 KB
74 KB 56ms
45ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff

Request headers

Referer: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://beauty-upgrade.tw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196577
cf-ray: 6d61c1780e639279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75408
x-amz-id-2: tycDiH1KQ6DoiuS9R32ui4r37JGqxt1XVGoMigPio15ps7DktjsFXoyPYcNnP3Di6dEZYBouQvc=
last-modified: Wed, 30 Jun 2021 15:36:28 GMT
server: cloudflare
etag: "d6d8d5da9214dc7d46b297672a602d55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hf%2Bsrq01v%2BLF8eesecA03gmv8FQ2gnd9hNn6xgaL%2BZl2tooDFUXBnafrf3s0gE0KKkW5EiI8cTVXqhUVpqUlakvwSKw7px1rKMU2ATnvCzkR%2FBR2mcOQ82CmhQlzlbWJ%2F4XhqHTcBDvXgg%2B6Egx5cuZA"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: MPTRV4NGXNTSP85E
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/ 73 KB
74 KB 38ms
27ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d

Request headers

Referer: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://beauty-upgrade.tw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154783
cf-ray: 6d61c1780e669279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74524
x-amz-id-2: ppLJhISHVtZUj9iCuRtJTfIQRhVCnL3ySBrC2sNMhtGzAyPoJYz8fusx8vTYyrgqjY4pwdJRIsI=
last-modified: Wed, 30 Jun 2021 15:36:28 GMT
server: cloudflare
etag: "3e1b2a654a784ceb385157140b4ccd71"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoIh3NFGmtzaimBvDD8aTz9uz29VB%2FneBPZRCs7c5rvwUg7fSODJOP7BGrDoR7nehm1cH2BvTT3Uck86MbtCVm5MTUfoaMuAAGCt83Y5gCTHK3j0N%2FnRCEGsf7mwnLDNM2%2BbfZZJ5Xjpwxjvch%2FoXNRD"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: EANE776XGHN0N5AH
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H3 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.10.2/webfonts/ 13 KB
14 KB 62ms
52ms Font
font/woff2 2606:4700:3037::6815:4e07
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.10.2/webfonts/fa-regular-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb

Request headers

Referer: https://use.fontawesome.com/releases/v5.10.2/css/all.css
Origin: https://beauty-upgrade.tw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196577
cf-ray: 6d61c1780e659279-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13584
x-amz-id-2: jKRouVJ5kGmTWVkKuc8Rkq4g7eCt/FT4GAerZmBUY6uzMLhbnLDQoPDsdF+Ski9iSlbAeTS/aNk=
last-modified: Wed, 30 Jun 2021 15:36:28 GMT
server: cloudflare
etag: "ac21cac3f22cc9642f5af32e0c750797"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r4%2BRoLn0yy4imbnpw1Awu6R%2FsPYClnVAOtPsy8hQ%2FsibL9wzE5KQN%2BcK9tT6y66NdotUUf9IV4cG53kdftYoP%2FUiaxzQtOyBnxwN6E39GvKM9gZnnvlxZP8LKz0AEUV1CNQ57xcl71i8IfI4i71PnLxy"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: MPTT32NMP29XRE4J
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/ 283 KB
102 KB 114ms
66ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2708610541573516&plah=beauty-upgrade.tw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 104322
x-xss-protection: 0
server: cafe
etag: 107536255599717519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 31 Jan 2022 09:01:30 GMT

GET
H/1.1 200
OK beauty-upgrade.js Show response
api.popin.cc/searchbox/ 174 KB
40 KB 1341ms
546ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/beauty-upgrade.js
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/packs/js/application-0930c51fa5da74a404fe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 0a271c0fef35043cb93ff408a74040cf49335a0410c8083769492a5ae0779a2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 09:01:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jan 2022 09:20:07 GMT
Server: nginx
ETag: W/"ca345b83fbb3cb453daca70878a5619c"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: iR8Gp.Z3M1wzzWxBQ3dY8Vrvuy2R8_sr
Expires: Mon, 31 Jan 2022 10:01:31 GMT

GET
H3 200 %E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B7%E3%82%99%E3%83%A5-5.jpg
beauty-upgrade.tw/wp-content/uploads/2018/07/ 43 KB
43 KB 23ms
23ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2018/07/%E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B7%E3%82%99%E3%83%A5-5.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04413880a17a542aafb6b7ae5b305a3508d747131a56b4c14e5ab6551deeb52f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 802
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43847
last-modified: Mon, 16 Dec 2019 06:37:40 GMT
server: cloudflare
etag: "ab47-599cc72b2a1c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=irV1QiJb8CO2sGSP%2F4vSEItuqPvMrBswafpYkgsIHq79cqo46HUi8kkRhZr%2BC8zIK0%2FYNahMLdZ1Rg9d3vvVTeFa2tW3IwvfIfYFpntVnZr6XaQddHgXOQtRVGVPEP%2FVmRp7oexPmc38isojfe1NQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c178ffe49290-FRA

GET
H3 200 %E7%94%B7%E7%94%9F%E7%9F%AD%E9%AB%AE%E7%94%B7%E7%94%9F%E9%AB%AE%E5%9E%8B%E6%8E%A8%E8%96%A6%E7%9F%AD%E9%AB%AE.jpg
beauty-upgrade.tw/wp-content/uploads/2019/06/ 42 KB
43 KB 22ms
22ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2019/06/%E7%94%B7%E7%94%9F%E7%9F%AD%E9%AB%AE%E7%94%B7%E7%94%9F%E9%AB%AE%E5%9E%8B%E6%8E%A8%E8%96%A6%E7%9F%AD%E9%AB%AE.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 874998d163d61cbef922ed489b9dbe434050ad15a550122ca66cad3e6808c8fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4541
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43486
last-modified: Wed, 13 May 2020 03:20:34 GMT
server: cloudflare
etag: "a9de-5a57f10289519"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkJE3ZPd%2FrsOXq2csuU5FSygoM2iu2g6P1V0ESamDdzDLOvcS0UOYSBWL%2FVw47ui49HpHrsdJ4fSM2DwZFhAmD0kLx2UNBDY0Avw40k7CYFAJ3bGVx9bAYfiDXnfpk9ePuFsuio%2FgxaLl%2F39QXZolQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c178ffe79290-FRA

GET
H3 200 %EF%BC%91%EF%BC%92%EF%BC%93.jpg
beauty-upgrade.tw/wp-content/uploads/2019/08/ 78 KB
78 KB 34ms
33ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2019/08/%EF%BC%91%EF%BC%92%EF%BC%93.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee52b8685f9a20fe0e68a0ca0e572aaa32bf1bdafce89f5853bc4338be991f3e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 802
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 79609
last-modified: Mon, 05 Aug 2019 02:36:04 GMT
server: cloudflare
etag: "136f9-58f5591ce6284"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JNZvUUHVBKYVds2upwA7U5FvvXcP2kZjej%2FbXQNY7giBn70px3GC0vPK3VMRWPAsCGxphHxFNVbGutJcJYoT%2Br0LwyhoU00x1S3%2FJBzgJHaYKxK0xOnksEf57SAR419cKBAEFQoRgD%2FUfCHQjKKDvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c178ffe99290-FRA

GET
H3 200 avforwomen-486x290.jpg
beauty-upgrade.tw/wp-content/uploads/2019/10/ 17 KB
18 KB 36ms
36ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2019/10/avforwomen-486x290.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77502630683d2be93f717d9755734bc7275175d9d49a96ac8f9dd5c2001502f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17446
last-modified: Thu, 10 Oct 2019 12:33:59 GMT
server: cloudflare
etag: "4426-5948d9da1d1b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kR1dEJ6cHJILclRsw4EhTypBp2%2FAuyNUG35lpFa%2Bn3H63e66A8c8QEyg8vqqt7q8S%2BJ%2BIvva%2FJgOJI4i1%2FECLnJglryAxW4sDrSoddDyO4CKVJc1jKb30cxI930taoSXJlZ%2Bl1iTcb%2BT1DTTD792Jg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c178ffee9290-FRA

GET
H3 200 cooperation.jpg
beauty-upgrade.tw/wp-content/uploads/2019/07/ 123 KB
124 KB 24ms
24ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2019/07/cooperation.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e61b19230e1982245788d9911deb35e82aac0318a214bcf4d8317b83a7e863e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 801
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 126432
last-modified: Thu, 25 Jul 2019 03:17:20 GMT
server: cloudflare
etag: "1ede0-58e78dd1c7312"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f61locLxsJAV8QPGAvsUJE1C2myngV5%2Bd7WgGM8vjiSHfM0N7%2B%2F6mdxRcrM%2FdH1br6kUlwea%2FOVyjm3H5jEfx9tW%2FyvFF7Ei4uMaRSvmCnpXi%2B5LigFVjPAkgBSZyVG7E541QAqKwsdmvGle9ymcJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c178ffef9290-FRA

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 290 KB
82 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=464bd15376b25c8fc6928c0bf1e0cece

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b8a454a583240c7b3de19b7c24d4d0275710c0aef795a319203740ad4dff29d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://beauty-upgrade.tw/
Origin: https://beauty-upgrade.tw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: S5NLDzNw4ouCbMXzYe3oOA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83592
x-fb-rlafr: 0
x-fb-debug: DesU+VOgsgc3UB3g8aaiLJGPnqvmYW0YtqSXg4WUXFGVvHggHCsfdTiMcn6Ev0aykQgVS/MwltDnY5Kmj9tySQ==
x-fb-content-md5: 542fdddc40fed510c30c7b9374c0da7d
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 31 Jan 2022 09:01:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "260252e92e8cafbb81a48c3513c49917"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 31 Jan 2023 08:10:03 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 138ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8Q35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7339a6b01e1dacaab8094bf1b1fc3edb7beda9bf32124a95c54534444f3c0caf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1118 / 709 of 1000 / last-modified: 1643411190"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 31 Jan 2022 09:01:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 120ms
36ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K8Q8Q35

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5196
date: Mon, 31 Jan 2022 07:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 31 Jan 2022 09:34:54 GMT

GET
H2 200 pta.js Show response
js.ptengine.jp/ 1 KB
955 B 84ms
8ms Script
application/x-javascript 2600:9000:2156:9800:14:3d35:8f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ptengine.jp/pta.js
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9800:14:3d35:8f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff3b6e3cf3d9e078d57462353e3767216ee88bd4fbfb0331b0a16069dc684034

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 08:58:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 08:28:54 GMT
server: AmazonS3
age: 212
etag: W/"19ad11552babf865c6ba2a8e587da4d7"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control: public,max-age=300
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: tfLog4fvCFATftpx8LGCYuBTx1I6scoUpfpJ78yJYByScD82z-BdCQ==

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
26 KB 17ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 26237
x-xss-protection: 0
pragma: public
x-fb-debug: x3hTOlPCmF7RKDAoBswMOBmHvacgHKBDtuJYTJwdF3VyIENBbtOXnnVTkeSvh+pkGzPgN7UJvR/cedgtLsKbRg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 31 Jan 2022 09:01:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 25ms
9ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=112651685520077&ev=fb_page_view&dl=https%3A%2F%2Fbeauty-upgrade.tw%2F&rl=&if=false&ts=1643619690516&sw=1600&sh=1200&at=

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 31 Jan 2022 09:01:30 GMT

GET
H3 200 288222805146104 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 55ms
54ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/288222805146104?v=2.9.51&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2dd7d3e06eac3daf3ebc60369b879dc3a81a97bc97d403de79b7ea0199c0400b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: n35Q1uQ9JLx7yK3wXOtllVAMMGsQxdWI4ZcDY6F1vhiqxATDpHMVmN67KtS6A8K7hgIRYAbdE51GB6XxYnEuww==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 31 Jan 2022 09:01:30 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 2020springlip.jpg
beauty-upgrade.tw/wp-content/uploads/2020/01/ 65 KB
65 KB 606ms
606ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2020/01/2020springlip.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 144ce41ed31431fbca1baf94e51ee09a29c45dc646b98fdf7ae6772add32d908

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:31 GMT
cf-cache-status: MISS
last-modified: Mon, 20 Jan 2020 08:33:17 GMT
server: cloudflare
etag: "1035f-59c8e24a5df42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ebkj8fhKjY0KQpHe4mU5Dq6b6sLb%2FxJj84ZGp%2F1qKDNGzxxo0pKWEAsMqYHWwug3dX7rfm7hQCSSa9wkvOwpscQVjx20i1NlqQTNSvG2MhzmZmWeZ0VIpbN7lPdY58oJcW2tjt98V0oEbF%2Bx2Y28YQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d61c17a0a079290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 66399

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
650 B 137ms
49ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=beauty-upgrade.tw&callback=_gfp_s_&client=ca-pub-2708610541573516

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202201200301/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2708610541573516&plah=beauty-upgrade.tw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7c2c9d86d174ce03da043c808e144be0d1838397d9e28e7434bcda1344e384da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 206
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 128ms
45ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=beauty-upgrade.tw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
48ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=beauty-upgrade.tw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 09:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7193 188 KB
29 KB 755ms
708ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&h=300&slotname=1904914005&adk=3948927683&adf=3002900970&pi=t.ma~as.1904914005&w=350&lmt=1643619690&rafmt=11&psa=0&format=350x300&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690383&bpp=4&bdt=528&idt=207&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&correlator=7806545175662&frm=20&pv=2&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HMn5XfBWTv&p=https%3A//beauty-upgrade.tw&dtd=226

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

449f9776daf23009a4f4d0c50a059284f5e4538ee79b9628550bd9bad8690b2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-expose-headers: x-google-amp-ad-validated-version
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 31 Jan 2022 09:01:31 GMT
server: cafe
content-length: 30145
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 09:01:31 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A48B 80 KB
29 KB 1110ms
1088ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&h=300&slotname=7753913158&adk=1337076885&adf=3061535993&pi=t.ma~as.7753913158&w=350&lmt=1643619690&rafmt=11&psa=0&format=350x300&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690388&bpp=1&bdt=533&idt=237&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=350x300&correlator=7806545175662&frm=20&pv=1&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=slewYWTWzU&p=https%3A//beauty-upgrade.tw&dtd=246

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d689cd97fa6995a9c9064b6210fd050944c4a1c532d1c7c2ff65c43b4c970a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Mon, 31 Jan 2022 09:01:31 GMT
server: cafe
content-length: 30149
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 09:01:31 GMT
cache-control: private

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 72ms
72ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&tn=DIV&cls=control-btns&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 09:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 85CC 0
19 B 56ms
49ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&adk=1812271804&adf=3025194257&lmt=1643619690&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690392&bpp=2&bdt=537&idt=252&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=350x300%2C350x300&nras=1&correlator=7806545175662&frm=20&pv=1&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=257

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 31 Jan 2022 09:01:30 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 31 Jan 2022 09:01:30 GMT
cache-control: private

GET
H2 200 6bcc6511.js Show response
js.ptengine.jp/ 223 KB
70 KB 924ms
923ms Script
application/x-javascript 2600:9000:2156:9800:14:3d35:8f40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.ptengine.jp/6bcc6511.js
Requested by: Host: js.ptengine.jp
URL: https://js.ptengine.jp/pta.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:9800:14:3d35:8f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b6727ffae1e5c28437d17630f586989aa8272cb7ced1bdebfd00973b7ebe0966

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:32 GMT
content-encoding: gzip
last-modified: Sun, 30 Jan 2022 15:07:28 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"39a7d0a4bf46fcfdedbd43cb3eb74f03"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffa.cloudfront.net (CloudFront)
cache-control: public,max-age=300
x-amz-cf-id: BGu60VTpPkvvOSrc8lP1fphjnlCG2dCbEqabw3qWfg08REATmDVivA==

GET
H3 200 /
www.facebook.com/tr/ 44 B
90 B 17ms
8ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=288222805146104&ev=PageView&dl=https%3A%2F%2Fbeauty-upgrade.tw%2F&rl=&if=false&ts=1643619690665&sw=1600&sh=1200&v=2.9.51&r=stable&ec=0&o=30&fbp=fb.1.1643619690663.1797664118&it=1643619690529&coo=false&rqm=GET

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 31 Jan 2022 09:01:30 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 88ms
43ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=267879970&t=pageview&_s=1&dl=https%3A%2F%2Fbeauty-upgrade.tw%2F&ul=en-us&de=UTF-8&dt=%E7%BE%8E%E5%8A%9B%E5%8D%87%E7%B4%9A%20Beauty%20Upgrade%20%7C%20%E9%99%AA%E4%BD%A0%E4%B8%80%E8%B5%B7%E7%BE%8E%E5%8A%9B%E5%8D%87%E7%B4%9A&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=933751462&gjid=1814218152&cid=1732217904.1643619691&tid=UA-120764954-1&_gid=256874567.1643619691&_r=1&gtm=2wg1q0K8Q8Q35&z=1839672918

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://beauty-upgrade.tw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 09:01:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://beauty-upgrade.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022012701.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
120 KB 128ms
41ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 08:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 879
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122333
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 09:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 08:46:51 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c08::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-120764954-1&cid=1732217904.1643619691&jid=933751462&gjid=1814218152&_gid=256874567.1643619691&_u=YAhAAEAAAAAAAC~&z=1383352595

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://beauty-upgrade.tw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 31 Jan 2022 09:01:30 GMT
content-type: text/plain
access-control-allow-origin: https://beauty-upgrade.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 134ms
52ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120764954-1&cid=1732217904.1643619691&jid=933751462&_u=YAhAAEAAAAAAAC~&z=654606898

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 09:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 146ms
62ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-120764954-1&cid=1732217904.1643619691&jid=933751462&_u=YAhAAEAAAAAAAC~&z=654606898

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 09:01:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/tr/ Frame EFDC 0
15 B 7ms
7ms Document
text/plain 2a03:2880:f11c:8083:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://beauty-upgrade.tw
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/

Response headers

content-type: text/plain
access-control-allow-origin: https://beauty-upgrade.tw
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 31 Jan 2022 09:01:31 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012111152338000/ Frame ABC2 190 KB
55 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/amp4ads-v0.mjs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&h=300&slotname=1904914005&adk=3948927683&adf=3002900970&pi=t.ma~as.1904914005&w=350&lmt=1643619690&rafmt=11&psa=0&format=350x300&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690383&bpp=4&bdt=528&idt=207&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&correlator=7806545175662&frm=20&pv=2&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HMn5XfBWTv&p=https%3A//beauty-upgrade.tw&dtd=226

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55581
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8559bae154d80579"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame ABC2 13 KB
5 KB 191ms
101ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4994
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b314c3eb801664ba"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame ABC2 89 KB
28 KB 194ms
105ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-analytics-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "976e6f5df80f4e35"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
H2 200 amp-animation-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame ABC2 71 KB
16 KB 218ms
129ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-animation-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969b5f20e50624afd483ec6e5e8767fafffbaf0b2fb046f034ace12c1e45a094

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 298357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16734
x-xss-protection: 0
server: sffe
date: Thu, 27 Jan 2022 22:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "35a471314f0fc88f"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Jan 2023 22:08:54 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame ABC2 5 KB
2 KB 211ms
122ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-fit-text-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "423ab13fb6ff63c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012111152338000/v0/ Frame ABC2 40 KB
13 KB 212ms
123ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/v0/amp-form-0.1.mjs

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 250524
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12843
x-xss-protection: 0
server: sffe
date: Fri, 28 Jan 2022 11:26:07 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08cf721d9e54e414"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 28 Jan 2023 11:26:07 GMT

GET
DATA 200
OK truncated
/ Frame ABC2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e87428844caed0d811c783476ad57b90022d9142a25c7f92f4a940cfefed211

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img-bg-0.jpg
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 17 KB
17 KB 177ms
91ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-bg-0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ecae812008e30d9d32815ff5f2f115b81a2a72a29f4e8518d86347dd9f5309f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 23:03:27 GMT
x-content-type-options: nosniff
age: 381484
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17036
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 23:03:27 GMT

GET
H2 200 img-bg-1.jpg
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 9 KB
9 KB 190ms
104ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-bg-1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

666950fc1ff6572504e2fe51cf745ba35b5367f8fd334791a4a28f59efdf9842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 02:21:54 GMT
x-content-type-options: nosniff
age: 542377
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9569
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 02:21:54 GMT

GET
H2 200 img-phone-front.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 31 KB
31 KB 207ms
121ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-phone-front.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32b10d602aa2548ab2b3282986ba409a2ec9ba4f40b5a2354d37a622c0b2eb59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 14:53:44 GMT
x-content-type-options: nosniff
age: 497267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31622
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 14:53:44 GMT

GET
H2 200 tf-0.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 3 KB
3 KB 127ms
42ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/tf-0.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

982043ff911d2a9d06f4fca5189f083345ba78031468d75d5ee484cac7cb0d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 14:53:44 GMT
x-content-type-options: nosniff
age: 497267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3003
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 14:53:44 GMT

GET
H2 200 tf-1.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 3 KB
3 KB 223ms
137ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/tf-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b30bb60212d3df9289adb8e0067eaf0b1d5a6b7ae781755dbbbab4c2e70f2005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 14:53:44 GMT
x-content-type-options: nosniff
age: 497267
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2574
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 14:53:44 GMT

GET
H2 200 tf-2.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 3 KB
3 KB 123ms
44ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/tf-2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7435d3e2c2df2c7879f1af0930e141fe9b9efa651c9a7d60219c86f65e2e57df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 17:23:58 GMT
x-content-type-options: nosniff
age: 488253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3400
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 17:23:58 GMT

GET
H2 200 img-handy-1-2.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 16 KB
16 KB 219ms
140ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-handy-1-2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

922de89b70b182ac889adc7bd9ce97b6ced9ab60c2854402fe216fa8f4c7918f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 08:58:22 GMT
x-content-type-options: nosniff
age: 518589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16433
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 08:58:22 GMT

GET
H2 200 img-handy-1-1.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 15 KB
15 KB 191ms
112ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-handy-1-1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87ed9756740323fd15924f49dab99a1c27d770ff02bb2c6d82f5aae84bba4896

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 23:40:31 GMT
x-content-type-options: nosniff
age: 379260
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15698
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 23:40:31 GMT

GET
H2 200 img-handy-1-0.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 30 KB
30 KB 126ms
47ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-handy-1-0.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d4df93cb480722a620e6dbf1cda617b1db72dbadb3687228a140323a57a5cff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 06:01:12 GMT
x-content-type-options: nosniff
age: 270019
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31048
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Jan 2023 06:01:12 GMT

GET
H2 200 tf-3.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 3 KB
4 KB 191ms
112ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/tf-3.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15314a37df0e3723149b52e09885c4d2d3f8358a9710d1170e625e4265c9a4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 13:28:41 GMT
x-content-type-options: nosniff
age: 329570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3498
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Jan 2023 13:28:41 GMT

GET
H2 200 img-stoerer.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 2 KB
2 KB 125ms
45ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-stoerer.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0b51ca8f3f69c164d8c44e9e2ee1e0cd7d1db5631c9072090219f9943525c66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 23:03:27 GMT
x-content-type-options: nosniff
age: 381484
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2279
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 26 Jan 2023 23:03:27 GMT

GET
H2 200 img-cta.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 1 KB
1 KB 216ms
137ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-cta.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96db76674d466e2eaa52dc05c2994c48ac89861d2f3f8d0e26abf02f1e426bf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 09:18:41 GMT
x-content-type-options: nosniff
age: 344570
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1389
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 27 Jan 2023 09:18:41 GMT

GET
H2 200 gfx_white.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 99 B
192 B 200ms
121ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/gfx_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 17:59:52 GMT
x-content-type-options: nosniff
age: 486099
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 17:59:52 GMT

GET
H2 200 img-logo.png
tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/ Frame ABC2 4 KB
4 KB 119ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/4102680777889591446/assets/img-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc7d214b582fd6a827d52d5c59307473b2d629dec0fbbcd95721916b8ab67aca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:37:01 GMT
x-content-type-options: nosniff
age: 242670
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3749
x-xss-protection: 0
last-modified: Wed, 27 Oct 2021 15:37:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Jan 2023 13:37:01 GMT

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ABC2 3 KB
3 KB 218ms
139ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 18:15:52 GMT
x-content-type-options: nosniff
server: cafe
age: 53139
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 7688947696963022458
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Mon, 31 Jan 2022 18:15:52 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ABC2 344 B
807 B 118ms
39ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 16:59:05 GMT
x-content-type-options: nosniff
server: cafe
age: 57746
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 31 Jan 2022 16:59:05 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame ABC2 0
21 B 82ms
82ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CyKZaaqX3YafMKafC7_UP1LuhENqbyYRoyNGM6osPhbja58EpEAEgj4XsVmCV4pCCoAegAePRhdsCyAEJqQIyRTgm4bOyPqgDAcgDCKoE3AFP0CHfKaG2JmOg7kwaHmQogPBHgUykJ8m_-yuINo4E9GXbUTABSncW4cPRZCjnw_zJS1miOTE9KGa3dssJEyUhSmKv3VO4XHxZTgs_wZiTjDufvP73yDW_Exgm7rGNICXbEjMGsRaYLn_LOl8t-DS-wuIZLW55rVGAt8BJoLPhSFAW3U8p-6xEsntpkHlLcIjpPffjbwcjRFjif4ZMsxtJ9-zOzQ4nbGG5RMH_pKzlXaZmCSqQQqoguqzAhL8NI95zTi7TNaoqXzbM67KUAjv_PViEMyx90jmVBKREwATu6L2b7wOgBi6AB4Wu-qQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQh9wB0ggJCIDhgBAQARgfgAoByAsB2BMD0BUBmBYBgBcBshccChoIABIUcHViLTI3MDg2MTA1NDE1NzM1MTYYAA&sigh=t3YOHY002ik&uach_m=[UACH]&template_id=419&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&h=300&slotname=1904914005&adk=3948927683&adf=3002900970&pi=t.ma~as.1904914005&w=350&lmt=1643619690&rafmt=11&psa=0&format=350x300&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690383&bpp=4&bdt=528&idt=207&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&correlator=7806545175662&frm=20&pv=2&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=1176&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=HMn5XfBWTv&p=https%3A//beauty-upgrade.tw&dtd=226
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 31 Jan 2022 09:01:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 31 Jan 2022 09:01:31 GMT

GET
BLOB 200
OK 9373e516-6d13-4569-bfc4-35258e64c068
https://beauty-upgrade.tw/ 188 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://beauty-upgrade.tw/9373e516-6d13-4569-bfc4-35258e64c068
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9c513d4197616af20e2c0bdf01a35534c4a866d6f6947908c2f73a44bd560f5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Length: 188
Content-Type: application/javascript

GET
H3 200 amp4ads-host-v0.js Show response
cdn.ampproject.org/rtv/012111152338000/ 20 KB
7 KB 120ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012111152338000/amp4ads-host-v0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de412af0b356920e75086c2488e8df2a6c8e5e1f661a0c11052dd54aad4dc09a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 298357
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7334
x-xss-protection: 0
server: sffe
date: Thu, 27 Jan 2022 22:08:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "8710f745e3fa87a1"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 27 Jan 2023 22:08:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A48B 6 KB
670 B 97ms
48ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&h=300&slotname=7753913158&adk=1337076885&adf=3061535993&pi=t.ma~as.7753913158&w=350&lmt=1643619690&rafmt=11&psa=0&format=350x300&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690388&bpp=1&bdt=533&idt=237&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=350x300&correlator=7806545175662&frm=20&pv=1&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=slewYWTWzU&p=https%3A//beauty-upgrade.tw&dtd=246

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 31 Jan 2022 08:19:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 31 Jan 2022 09:01:31 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 31 Jan 2022 09:01:31 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A48B 1 KB
875 B 99ms
50ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 08:55:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 08:55:09 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame A48B 18 KB
7 KB 75ms
38ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 08:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 635
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7644
x-xss-protection: 0
server: cafe
etag: 6659623896352890502
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 08:50:56 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A48B 2 KB
1 KB 88ms
51ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:00:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 09:00:26 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A48B 123 KB
37 KB 95ms
50ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 09:01:31 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame A48B 14 KB
6 KB 76ms
39ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 08:59:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 08:59:52 GMT

GET
H2 200 fccbdb50d0e11463e1edb3d8fcf7c364.js Show response
www.gstatic.com/mysidia/ Frame A48B 27 KB
12 KB 130ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fccbdb50d0e11463e1edb3d8fcf7c364.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 16:51:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317428
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11411
x-xss-protection: 0
last-modified: Tue, 25 Jan 2022 02:23:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 27 Apr 2022 16:51:03 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/17155466541311257982/ Frame A48B 27 KB
27 KB 47ms
46ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17155466541311257982/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c7c7716f389bffa445bfbad80d6eb6b0b4ff4a686a64223bc84883c53e9deac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 23:26:25 GMT
x-content-type-options: nosniff
age: 466506
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27378
x-xss-protection: 0
last-modified: Tue, 17 Mar 2020 12:17:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 23:26:25 GMT

GET
DATA 200
OK truncated
/ Frame A48B 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9ee048185c861bc857d1792362fab851dad2d2e021e0750f5afb9a506e91565e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A48B 0
0 87ms
87ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTBK7aqX3YaOGK5uNywWy56qQAteb-dpZrJqssNsMwI23ARABII-F7FZgleKQgqAHoAHVva3OAsgBCakCMkU4JuGzsj6oAwHIA8sEqgTiAU_Q8M6a1E9Px06kkKxIVBxy2WDdPnGltuHiUmqC0DA0ZWsmRx12i9wNyPdTo8ECrr-hFDXUAguO-oMJrLKER_92yIUAOsKJr9qRrNB-4TVhEAMabthN-LxcVwuiF1dV2sBuHeZUjEeZ2UZrPZaToYZyTX5OLogMoAL8NF4pUXEOwYt0t6cii7S_R2ghdWvDqM-IwJbuFGE3sArdi5rU0M24u_SIC_CyF4iZipLlD21nYR18OkosUxswQqT56a6zJhZuIOgdFmZganZbtOoEUXp90Tu6rOBvMfbOeI0OLtsj59nABIavjPOfApIFBAgEGAGSBQQIBRgEoAYugAeTwtKxAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEL7GAdIICQiA4YAQEAEYH4AKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi0yNzA4NjEwNTQxNTczNTE2GAA&sigh=ln1yT60p3k4&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2708610541573516&output=html&h=300&slotname=7753913158&adk=1337076885&adf=3061535993&pi=t.ma~as.7753913158&w=350&lmt=1643619690&rafmt=11&psa=0&format=350x300&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&flash=0&fwrattr=true&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1643619690388&bpp=1&bdt=533&idt=237&shv=r20220126&mjsv=m202201200301&ptt=9&saldr=aa&abxe=1&prev_fmts=350x300&correlator=7806545175662&frm=20&pv=1&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1018&ady=1829&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31064201%2C31064037%2C31061690&oid=2&pvsid=1289678569503664&pem=846&tmod=1038901144&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=slewYWTWzU&p=https%3A//beauty-upgrade.tw&dtd=246
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 31 Jan 2022 09:01:31 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame A48B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc28675302bd81a5ad3f152c6b5dc6bb2fcc6613261666135e26d9bbf2c50f15

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A48B 15 KB
16 KB 129ms
39ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 28 Jan 2022 13:39:48 GMT
x-content-type-options: nosniff
age: 242504
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 28 Jan 2023 13:39:48 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A48B 15 KB
16 KB 136ms
48ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 399913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 17:56:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame A48B 15 KB
15 KB 167ms
81ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 26 Jan 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 399780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 26 Jan 2023 17:58:32 GMT

GET
H/1.1 200
OK td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 273ms
273ms Script
text/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/beauty-upgrade.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 09:01:32 GMT
Content-Encoding: gzip
Last-Modified: Thu, 11 Jan 2018 09:42:51 GMT
Server: nginx
ETag: W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status: HIT from 10.252.55.26
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: null
Expires: Mon, 31 Jan 2022 10:01:32 GMT

GET
H2 200 recommend Show response
tw.popin.cc/popin_discovery/ 72 KB
18 KB 1067ms
538ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&&device=pc&media=beauty-upgrade.tw&extra=windows&agency=fullout-tw&topn=50&ad=10&r_category=all&country=tw&redirect=true&uid=ec2fa32d08d01fea5c11643619692007&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTcuMC40NjkyIiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzk3LjAuNDY5Mi43MSBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii8iLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU3JUJFJThFJUU1JThBJTlCJUU1JThEJTg3JUU3JUI0JTlBJTIwQmVhdXR5JTIwVXBncmFkZSUyMCU3QyUyMCVFOSU5OSVBQSVFNCVCRCVBMCVFNCVCOCU4MCVFOCVCNSVCNyVFNyVCRSU4RSVFNSU4QSU5QiVFNSU4RCU4NyVFNyVCNCU5QSIsInVzZXJfdGRfdXJsIjoiaHR0cHM6Ly9iZWF1dHktdXBncmFkZS50dy8iLCJ1c2VyX3RkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidXNlcl90ZF9ob3N0IjoiYmVhdXR5LXVwZ3JhZGUudHciLCJ1c2VyX2RldmljZSI6InBjIiwidXNlcl90aW1lIjoxNjQzNjE5NjkyMDA4LCJmcnVpdF9ib3hfcG9zaXRpb24iOiIiLCJmcnVpdF9zdHlsZSI6IiJ9&alg=ltr&callback=_p6_957c80c9effc
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/beauty-upgrade.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 7d3033a5c3794ff08d4384944f077ceb9e1a63314ca604e0e1ec9bd0278b7f85

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:32 GMT
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: nginx/1.13.5
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8

GET
H/1.1 200
OK popin_discovery5-min.js Show response
api.popin.cc/ 153 KB
42 KB 524ms
523ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/beauty-upgrade.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 790ce9c9da050e908b56ec0600baf60e48f07ee38a4147d49ad7be9e8597f01d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 09:01:32 GMT
Content-Encoding: gzip
Last-Modified: Wed, 12 Jan 2022 07:37:23 GMT
Server: nginx
ETag: W/"7cb405c5b70e2e1b9caa161e59ce863e"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: Tx0nUjINFWkM92qhV7m6r_J9CxWD1TPv
Expires: Mon, 31 Jan 2022 10:01:32 GMT

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame 5192 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 08:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2114
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 08:26:18 GMT

GET
H/1.1 200
OK popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 14 KB
4 KB 254ms
254ms Script
application/javascript 119.63.193.220
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 09:01:33 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Oct 2021 03:29:29 GMT
Server: nginx
ETag: W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status: HIT from 10.252.55.44
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=3600
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
x-amz-version-id: NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Expires: Mon, 31 Jan 2022 10:01:33 GMT

GET
H2 200 log.gif
r.popin.cc/ 35 B
186 B 810ms
258ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=ec2fa32d08d01fea5c11643619692007&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&t=1643619693083
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:33 GMT
last-modified: Thu, 29 Aug 2019 01:59:39 GMT
server: nginx
etag: "5d67318b-23"
content-type: image/gif
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 100ms
53ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220126&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22bb8a2672bc5c80c1e5c2d6fe20d7d67cba9de785f0af7dd01ffee20ce522fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 09:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9041
x-xss-protection: 0

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 107 KB
34 KB 219ms
14ms Script
application/javascript 23.203.74.175
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.203.74.175 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-74-175.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66e39f9547f85403b57eb6da19a1835fba87aefe1472e04e607d492232f386ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: LnUEiQicLR0PB_19rEBkqllnYGNw9feA
Content-Encoding: gzip
Last-Modified: Wed, 17 Nov 2021 07:32:04 GMT
Server: Apache
x-amz-request-id: H84TVRV41TZX4QR3
ETag: "8149da179cc4858e221e9c80dc7ccd6c"
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=28694
Date: Mon, 31 Jan 2022 09:01:34 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 33936
x-amz-id-2: iLXwudo0Cn7GXIJmaAWsaIvfFkEozBnflvZeUp8cFNMo9hPhvn5Gh4W4FfuCrEmI095F+qjNx1E=

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 94ms
47ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=beauty-upgrade.tw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 09:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 89ms
45ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=beauty-upgrade.tw

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 09:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 416 B
245 B 118ms
73ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1289678569503664&correlator=1643539952963930&output=ldjh&impl=fifs&eid=31061815%2C31064601%2C21068767%2C31061690&vrg=2022012701&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=21831126604%2Cbeauty_all_refresh&enc_prev_ius=0%2F1&prev_iu_szs=1x1&cookie=ID%3D80594b9f4ba58271-224145c92fcd001a%3AT%3D1643619690%3ART%3D1643619690%3AS%3DALNI_Mbw2dzAOsFnQ6g_MSd5-YrtWVRyPw&bc=31&abxe=1&dt=1643619693961&lmt=1643619693&dlt=1643619689855&idt=1071&frm=20&biw=1600&bih=1200&oid=2&adxs=800&adys=3417&adks=3586490956&ucis=1&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fbeauty-upgrade.tw%2F&vis=1&scr_x=0&scr_y=0&psz=1600x0&msz=1600x0&ga_vid=1732217904.1643619691&ga_sid=1643619691&ga_hid=267879970&ga_fc=true&fws=0&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3480ea7038886e3f07b230c7d559f59662e56b7463d63ae8a7fe5c860dd3e4e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 216
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://beauty-upgrade.tw
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0517484124fa920bd39ee4b495055c1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C979 6 KB
4 KB 184ms
47ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0517484124fa920bd39ee4b495055c1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012701.js?31064601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 31 Jan 2022 09:01:34 GMT
expires: Tue, 31 Jan 2023 09:01:34 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 %E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-1-7.jpg
beauty-upgrade.tw/wp-content/uploads/2018/12/ 52 KB
52 KB 19ms
18ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2018/12/%E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B8%E3%83%A5-1-7.jpg
Requested by: Host: beauty-upgrade.tw
URL: https://beauty-upgrade.tw/packs/js/application-0930c51fa5da74a404fe.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dae04949152b6bf5b6d194a56292c7ad4015200235404eca8e6fe676a0cd66b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:33 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 53031
last-modified: Thu, 27 Dec 2018 03:18:42 GMT
server: cloudflare
etag: "cf27-57df8674e86de"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhEBhpcgGK4eNClf9Tsb3bdVyEXCXlfTUxx45HajhLgd%2BhVohaVq17IG8yHSEFmgOe9f%2F%2Bf7WbgWdxGQpTky22IGy1mhGXzOBSbsv5BgIT1uEFqlh5tzRiWEY1QAQK79Q9QYW6%2B2tH7DX9GCaPEkSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c18f58069290-FRA

GET
H3 200 lipstickspearl.jpg
beauty-upgrade.tw/wp-content/uploads/2019/02/ 57 KB
58 KB 585ms
585ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2019/02/lipstickspearl.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54196971c3c7367692dc702204df001b314ee6ef22c25411c362e78c7409a83f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:34 GMT
cf-cache-status: MISS
last-modified: Mon, 04 Feb 2019 07:39:29 GMT
server: cloudflare
etag: "e597-5810c97c32827"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FVFeNCaWUz7obdwv2cGp0PMGa3FcEROB9H9OkeM9DVNNXKctiAmLSEmIDem%2B4gVx%2F0KvMcqkWN05pqPYgPt9C7ZJ68BJE5J1oYUzlr3euoh9Q6n4yqA%2F3EsOCB3LLG7pvWo4GNznDE8WUYJL%2BwdMRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6d61c18f58089290-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58775

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 09:01:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B541 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 08:36:01 GMT
expires: Tue, 31 Jan 2023 08:36:01 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 1533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0213 783 B
535 B 93ms
47ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbc2da872835298c06fa41a1d28bb31086e308a719a9563f489f83c387b94e88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QkYzyGUeD8c0zstPnr5bJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 31 Jan 2022 09:01:34 GMT
date: Mon, 31 Jan 2022 09:01:34 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QkYzyGUeD8c0zstPnr5bJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js Show response
pagead2.googlesyndication.com/bg/ Frame B541 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oVIaA8DHLQK8xPwSs1vijU2jqi1uqHC3deFYmTpVz9A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 08:26:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2116
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13582
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 08:26:18 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0213 0
0 80ms
79ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220126&jk=1289678569503664&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET generate_204
tpc.googlesyndication.com/ Frame B541 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220126&jk=1289678569503664&bg=!rK-lr-vNAAY6OBv_Ojg7ACkAdvg8WlIkwaqNOSLrnvPdhxuFXnfxzCWU8aOivz19bwpSPgMVjWIHCwIAAABhUgAAAARoAQcKAFXqS5Le65Yl6ikQqej9x7o86UIm6G-CCD4GBi5chwJJLNGG8wGGvs0WgCsWr27atcFaWgmiewItUxEW-EW6oi0s7uclLcGQD-kzAB3P40az6ZP7bPv5mQKyKUMlvHagGbSBZujloT65-cbk0gcvIuwKimp3xz0GzLaS4J9YZD29dhj2s9zb9mS2nbaPHOB9rWiOH4rvfPiy47NaVjq6I4XgZjer3OTUuc58Coglhymha8GdoCsZ4rclv5SG3C7N4m-QUCNFoyrNMsACl_RbgdE0520BJfi_LVUI4J_U36jL8GCI6dN5xGt46BqRTyY_8bCCV7cm_WOfrDQkWtMut58AL73pkqunvi1C_d8WdnDMZY7I00iCLLKpbKlvMKTIyL17uHwPy9goBrkm5acwPRPVXLyQpX49ZPBc7L9lQjHMrCe3EADqPPTLdLAwl54feAJtDcB_F7DfAEkbz0ELfMGXiaWEEuSUwyqvRLDbERCVhHx32qqWUKNjp3pgawza1ZSdGhC2c9r4vTjD0HcSUoY_SnA1hpXM9EojQ9kWFquuyTMK3h5_OmOe6k_LFcHJc6IH7EW7Hyw8RBdE5abZKOxr44RNsk6PsUvrsSwBSNIdbqagi_SKckVcs9_b8t2FCaPTgJedTVOchjGyUGOBfua5vGzpqjW9c_wUysH1ARGojLyt_Fkaur1WfCNQh1kCWaBv-bas_kB3aVUi2yn2Mx-zy7_9WdcaHgdzPNZHV1pDI6MAKy2jnd50wc7bEgFmwH3vxdzUrFs0ingn0JWn2L6AB9fZYSrfnXfPosJEKhvpMRDpUXdWJv4HFHGk1gf3lzphoKnyrLh4yBdgSs1496-hLJpFxE2DOzxeP5jOcaIxPGTZ7WN4WiB148TC64xoTxf1AkNiNxdn_5_Nz8dZ7DBLIpUL8cFuon-3OqO2cMEZ81B5wbsAQNmlUNdBZMzgx_mFENe2pthvu0Hw3sVXJoRa8ifJtM01fWkuBpI3K4y4ubaHz_lnz5LkPSz-_48g36HK4yhfK5ElPs5V

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 09:01:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/beauty-upgrade.tw%2Fadgeek/ 511 B
755 B 828ms
266ms Script
text/javascript 3.34.81.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/beauty-upgrade.tw%2Fadgeek/prefs2?cached_uid=&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.34.81.245 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-34-81-245.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

41b6c880aa180cf51a6259ff6363341e0aa6560c5bfce6cf6bede43ec6b044ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.20.0
etag: W/"1ff-yA8EFQ85pYi554jndgT4m+PlZQM"
content-type: text/javascript; charset=utf-8

GET
H3 200 20%E6%AC%BE%E7%B2%BE%E8%8F%AF%E6%B6%B2%E6%8E%A8%E8%96%A6%E9%A6%96%E5%9C%96.jpg
beauty-upgrade.tw/wp-content/uploads/2018/08/ 41 KB
42 KB 17ms
17ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2018/08/20%E6%AC%BE%E7%B2%BE%E8%8F%AF%E6%B6%B2%E6%8E%A8%E8%96%A6%E9%A6%96%E5%9C%96.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7c52c07267aed919395776d7edf479d6e5b190990a778b102f83cc8e696a3d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2159
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42289
last-modified: Wed, 04 Nov 2020 00:51:39 GMT
server: cloudflare
etag: "a531-5b33d61db0c34"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2P0q9ZeGwC2ZTCTwXoEm%2FvetSkKKUP0bOGo6v7k9TzDcFpzmvFCoG%2B5S6bjkCUMPvLlUwBREjs%2BnWK36PVq%2F%2FYvC0kPishZOy1R0AaATq7J5b9u9q7ElvXQXXIpskZs49mLSDfWRBOUgVlteoFa%2BDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1971faf9290-FRA

GET
H3 200 %E7%94%B7%E7%94%9F%E7%A9%BF%E6%90%AD-1.jpg
beauty-upgrade.tw/wp-content/uploads/2019/07/ 56 KB
56 KB 18ms
18ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2019/07/%E7%94%B7%E7%94%9F%E7%A9%BF%E6%90%AD-1.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a42f7f679729493036ba0f1ad54d790af5cd77671c997bd11e61d46ff2b3b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57253
last-modified: Fri, 25 Oct 2019 04:47:30 GMT
server: cloudflare
etag: "dfa5-595b4d8f97768"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KisRo4efQs0PQDjCi4u15ltbao0EX6FA690nnIiyNFZHZL53fy5ch4TOBn5J6VmkUGXno50QlEmXg1FdLYuPsK%2FNV45DQVS%2FgmBnfY%2BCfQ8YCWpaqFoDhVgC2hHanX2GIo5FmkTyJscjIiIOUMidwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1971fb59290-FRA

GET
H3 200 %E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B7%E3%82%99%E3%83%A57.jpg
beauty-upgrade.tw/wp-content/uploads/2019/04/ 66 KB
66 KB 15ms
14ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2019/04/%E3%82%BF%E3%82%A4%E3%83%88%E3%83%AB%E3%81%AA%E3%81%97%E3%81%AE%E3%82%B3%E3%83%A9%E3%83%BC%E3%82%B7%E3%82%99%E3%83%A57.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10a7fa51031c92eb020e80edc3e0c02ed2df0a0411aea012e7c5401f0289b0aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67199
last-modified: Thu, 18 Jul 2019 08:27:53 GMT
server: cloudflare
etag: "1067f-58df062daaba2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iZ4DA%2Bm4RrEXg40wgt7xObgusXzqY4pcDCRNmXca3f%2FLYx6TwiNKv9yNTf9dVZQ74nB69oE3%2B8aebI9n5Zv1OBKEjKUsATBKU8DhBdsabAlW3DN7Nj%2F0eMQJHj8RH6IPT2TbrM8Yj7sFOuMI%2FfsHKA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1971fb89290-FRA

GET
H3 200 8-486x290.jpg
beauty-upgrade.tw/wp-content/uploads/2020/03/ 24 KB
25 KB 19ms
18ms Image
image/jpeg 2606:4700:3035::ac43:dc65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beauty-upgrade.tw/wp-content/uploads/2020/03/8-486x290.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:dc65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2752c83e7ac4732d065013fadada14cb07c600762fa08cbb384978494f3b685c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:35 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 803
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24606
last-modified: Fri, 06 Mar 2020 02:22:29 GMT
server: cloudflare
etag: "601e-5a0265345e4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=du9%2BwIWeVIEy9LtyvqcCQZtKB4dHsaQw0qTulfxkmGZTTwtpyw%2Bs7ACpF5esRswkWt%2F9cw%2FaDFycJauVwChzI%2Bj%2BwLfi5qxQ8Omv0P%2BNlUuTIOK%2BUqjf0K2KDuAsQ2m3dSLA%2FrXbbDQTpWfyvSY1xw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6d61c1971fbc9290-FRA

GET
H2 200 visit Show response
api.dable.io/logs/services/beauty-upgrade.tw%2Fadgeek/users/15365561.1643619695279/ 54 B
201 B 276ms
276ms Script
text/javascript 3.34.81.245
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/logs/services/beauty-upgrade.tw%2Fadgeek/users/15365561.1643619695279/visit?url=https%3A%2F%2Fbeauty-upgrade.tw%2F&ref=&lang=en-US&cid=15365561.1643619695279&z=690242&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.34.81.245 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-34-81-245.ap-northeast-2.compute.amazonaws.com

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx/1.20.0
content-type: text/javascript; charset=utf-8

GET
H2 200 visit Show response
r-log.dable.io/s/beauty-upgrade.tw%2Fadgeek/u/15365561.1643619695279/ 54 B
199 B 1056ms
261ms Script
text/javascript 3.37.34.240

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/beauty-upgrade.tw%2Fadgeek/u/15365561.1643619695279/visit?url=https%3A%2F%2Fbeauty-upgrade.tw%2F&ref=&lang=en-US&cid=15365561.1643619695279&z=690242&callback=dbljson3

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.37.34.240 -, , ASN (),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 09:01:36 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET match
analytics.ad.daum.net/ 0
0

GET
H2

200

google
adx.dable.io/pixel/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm
https://adx.dable.io/pixel/google?google_gid=CAESEB5AFjHFqrgx4jvFAsvhU78&google_cver=1

35 B
208 B

928ms
263ms

Image
image/gif

3.39.1.210

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adx.dable.io/pixel/google?google_gid=CAESEB5AFjHFqrgx4jvFAsvhU78&google_cver=1
Protocol: H2
Server: 3.39.1.210 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://beauty-upgrade.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:01:36 GMT
server: nginx
content-length: 35
content-type: image/gif

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 09:01:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://adx.dable.io/pixel/google?google_gid=CAESEB5AFjHFqrgx4jvFAsvhU78&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?YCL1vQ

Domain: analytics.ad.daum.net
URL: https://analytics.ad.daum.net/match?d=111&uid=15365561.1643619695279

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
beauty-upgrade.tw/	1970-01-27 07:52:51	Name: _session_id Value: 1ZMOQ9a83oxPFEzXBWJKq1C5SQ2V4%2B8cwGmjA99Ff8FlDFWr8TyU4PkQ%2FJXlNXSHhFrJWkJmew940i4s5ijNmdU83ASzMondEKKWoL6gVIDlZJyAlFPuTf6AOzZrGTPm%2Fj2%2FzTK0OJgRvQz2aaiFjtEtBcI2wewEVSnfPzzMOb8aSoQr28%2BcHU%2FaHkTRKtdiIE9q9Ro1GT9A91dRKjBijHvDQYBFWF2Btkc89x9IX00OPAD3x6CwiQM1vbabRG%2FJ1M87NKRRw%2FWYwBTKN%2FGdzfWthDCQJEfqhmHQMiyowV%2BO1gkQ9PK9GCwRNOQUQgurBc4Eo1o%3D--bDsQ1iExLbOgRvOi--5QAvvtkdABatiLaTVH%2F2dg%3D%3D
.beauty-upgrade.tw/	1970-01-20 02:43:15	Name: _fbp Value: fb.1.1643619690663.1797664118
.beauty-upgrade.tw/	1970-01-20 18:04:51	Name: _ga Value: GA1.2.1732217904.1643619691
.beauty-upgrade.tw/	1970-01-20 00:35:06	Name: _gid Value: GA1.2.256874567.1643619691
.beauty-upgrade.tw/	1970-01-20 00:33:39	Name: _gat_UA-120764954-1 Value: 1
.doubleclick.net/	1970-01-20 09:55:15	Name: IDE Value: AHWqTUk3roPjZRvpKTxdZoxGOI2RahXKZPygvoe0VgeAa710QYmaNsFAHPmOqgAfKnI
.doubleclick.net/	1970-01-20 00:33:40	Name: test_cookie Value: CheckForPermission
.beauty-upgrade.tw/	1970-01-20 09:19:15	Name: _ss_pp_id Value: ec2fa32d08d01fea5c11643619692007
.beauty-upgrade.tw/	1970-01-20 18:04:51	Name: _td Value: f3b77a31-ea6e-4042-9b43-7bf542eab932
.popin.cc/	1970-01-20 09:19:15	Name: uid Value: ec2fa32d08d01fea5c11643619692007
.beauty-upgrade.tw/	1970-01-20 09:55:15	Name: __gads Value: ID=80594b9f4ba58271:T=1643619690:S=ALNI_MasvoDeF1xNhcFY2Bp3xPNm3jesUQ
.dable.io/	1970-01-21 02:50:27	Name: uid Value: 15365561.1643619695279
.dable.io/	1970-01-20 00:34:33	Name: _skp Value: 1
.dable.io/	1970-01-20 00:51:50	Name: _gg_ck_match Value: 1
.beauty-upgrade.tw/	1970-01-20 18:04:51	Name: dable_uid Value: 15365561.1643619695279

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://cdn.ampproject.org/rtv/012111152338000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0517484124fa920bd39ee4b495055c1f.safeframe.googlesyndication.com
adservice.google.com
adservice.google.de
adx.dable.io
analytics.ad.daum.net
api.dable.io
api.popin.cc
beauty-upgrade.tw
cdn.ampproject.org
cm.g.doubleclick.net
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
js.ptengine.jp
my1312-hat-23be.googlerootmm.workers.dev
pagead2.googlesyndication.com
partner.googleadservices.com
r-log.dable.io
r.popin.cc
securepubads.g.doubleclick.net
static.dable.io
stats.g.doubleclick.net
tpc.googlesyndication.com
tw.popin.cc
use.fontawesome.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
analytics.ad.daum.net
tpc.googlesyndication.com
119.63.193.220
119.63.198.188
119.63.198.189
142.250.184.226
142.250.185.98
23.203.74.175
2600:9000:2156:9800:14:3d35:8f40:93a1
2606:4700:3035::ac43:dc65
2606:4700:3037::6815:2c55
2606:4700:3037::6815:4e07
2a00:1450:4001:802::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:810::2003
2a00:1450:4001:810::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2001
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c08::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.34.81.245
3.37.34.240
3.39.1.210
04413880a17a542aafb6b7ae5b305a3508d747131a56b4c14e5ab6551deeb52f
0a271c0fef35043cb93ff408a74040cf49335a0410c8083769492a5ae0779a2d
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0f4fdf9f78a6678207ffa7eabc4f2a2eac3cd756b3aa69c6ad75b4dc81ce1d36
10a7fa51031c92eb020e80edc3e0c02ed2df0a0411aea012e7c5401f0289b0aa
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1252c3bdeb216a3e70e0719c9d03850e0ecd37f0f9eb98de4c3b966b1d65d083
140b2a2309a40c4f101c6311e73b8f501418ef6a69c42e81f7961b0fd4066572
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
144ce41ed31431fbca1baf94e51ee09a29c45dc646b98fdf7ae6772add32d908
14b52d5e44212b22f6de0be5caeeb5bba561a29fd91bf6076bf1ad6d45ecae6f
15314a37df0e3723149b52e09885c4d2d3f8358a9710d1170e625e4265c9a4e2
185337a2e6b4db84abe97e265527448cced24043e740754b935bd23087cc4f66
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1a42f7f679729493036ba0f1ad54d790af5cd77671c997bd11e61d46ff2b3b97
2193054ab8a2bc36f5ef0b90c4d53dd5626e14b0123a2972066e2ed1fd44459d
22bb8a2672bc5c80c1e5c2d6fe20d7d67cba9de785f0af7dd01ffee20ce522fd
2752c83e7ac4732d065013fadada14cb07c600762fa08cbb384978494f3b685c
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
283f94f6915aec886c5e39ad4fea18425d60fe2e24ed903c66f9252f2ad48ee4
2cef3a9d0606aecfe2476867e61f76535b9bb5b8e9d31957cc9504cdd1e69396
2dd7d3e06eac3daf3ebc60369b879dc3a81a97bc97d403de79b7ea0199c0400b
32b10d602aa2548ab2b3282986ba409a2ec9ba4f40b5a2354d37a622c0b2eb59
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
3480ea7038886e3f07b230c7d559f59662e56b7463d63ae8a7fe5c860dd3e4e3
3833674267350b33175e103aea03cdecfadd06d54288e1725b6c02a1a5b0d0da
3c7c7716f389bffa445bfbad80d6eb6b0b4ff4a686a64223bc84883c53e9deac
3cb20d115c3491d0bd807c03a870b8f584c062d801ec89e2a094b9ea86857dd6
41b6c880aa180cf51a6259ff6363341e0aa6560c5bfce6cf6bede43ec6b044ee
449f9776daf23009a4f4d0c50a059284f5e4538ee79b9628550bd9bad8690b2e
4aca25e7ddb67eb2f6e25cd141dac926129abee9c87d81ddab948cfd6cae21cb
4c061a302d3aad80e5d04a7608f20a26cb6ca995f3e36bfb65500e17552debeb
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
4e87428844caed0d811c783476ad57b90022d9142a25c7f92f4a940cfefed211
4ecae812008e30d9d32815ff5f2f115b81a2a72a29f4e8518d86347dd9f5309f
4ecca15ce8c23c1788d52d17050e780228715017b17ff5c51825d85619bb5ef4
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54196971c3c7367692dc702204df001b314ee6ef22c25411c362e78c7409a83f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c2237d91e89de64f84f7ce13b06124b3820b6b5676f973ea2587258eb99ad50
5c59b0a807889fa50043a800ac58dc2abae8d2e8e96b6decab6dd038811698c7
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5ecfb939562146e97d8495e51811ebcad4ce32f3e7ee205ae0067a0f1854315c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
666950fc1ff6572504e2fe51cf745ba35b5367f8fd334791a4a28f59efdf9842
66e39f9547f85403b57eb6da19a1835fba87aefe1472e04e607d492232f386ad
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d4df93cb480722a620e6dbf1cda617b1db72dbadb3687228a140323a57a5cff
7339a6b01e1dacaab8094bf1b1fc3edb7beda9bf32124a95c54534444f3c0caf
7435d3e2c2df2c7879f1af0930e141fe9b9efa651c9a7d60219c86f65e2e57df
77502630683d2be93f717d9755734bc7275175d9d49a96ac8f9dd5c2001502f6
7812233493c564ee5eb2bcd8484cb4a0fcd06776e464685cd420635939918afe
790ce9c9da050e908b56ec0600baf60e48f07ee38a4147d49ad7be9e8597f01d
7a94be541e5fa703c924b636d07e3f9801427c1b482ed2ca1ea31927f50745cf
7c2c9d86d174ce03da043c808e144be0d1838397d9e28e7434bcda1344e384da
7d3033a5c3794ff08d4384944f077ceb9e1a63314ca604e0e1ec9bd0278b7f85
7e5b748d6ba91870c0397279cb5e2dda22df263a34389b6dfaa89393debbb8e2
80fe90cb559538158bc235f4e539d9bcae203e19fab7c6970aad37b0154348ff
8125e7832b237253c3d448897cd899cb9834fa7fbd2b486756b0a834760e3ae1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
874998d163d61cbef922ed489b9dbe434050ad15a550122ca66cad3e6808c8fc
87ed9756740323fd15924f49dab99a1c27d770ff02bb2c6d82f5aae84bba4896
885cbf06b8ae0f423349f0987996dafb05c810033368bda2657f366c66ee4639
8937a1398507aade032e80c8de86bc1787aac872c4bbefb460514a37fcace993
8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5
8caf2ae9969d0ce386addf04c53d2b7fc7548d0328099329ed68300959b4e47b
922de89b70b182ac889adc7bd9ce97b6ced9ab60c2854402fe216fa8f4c7918f
95b6ae8d835a43eb61c658e1804398a616074e2ad6b071ea2fcdd3818064f2ed
969b5f20e50624afd483ec6e5e8767fafffbaf0b2fb046f034ace12c1e45a094
96db76674d466e2eaa52dc05c2994c48ac89861d2f3f8d0e26abf02f1e426bf4
975714c6cb70ba105bfa87d2415df2fddde4a46c1d3ab9d0cf45465e56cba97d
97f59ccead873800701418302300e1c43fc7d41efe5aeb412d8279fefd5cd913
982043ff911d2a9d06f4fca5189f083345ba78031468d75d5ee484cac7cb0d61
9a4017778e6ddb534b9a584ce8eff7f14cc3c5f4f2fa2aecdbb8fdebdc148a4e
9c78b4de720c4aa63376cbcf1a526a69fc7134cb7da8c6bf9939dcec806effd2
9ee048185c861bc857d1792362fab851dad2d2e021e0750f5afb9a506e91565e
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a1521a03c0c72d02bcc4fc12b35be28d4da3aa2d6ea870b775e158993a55cfd0
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a9c513d4197616af20e2c0bdf01a35534c4a866d6f6947908c2f73a44bd560f5
b30bb60212d3df9289adb8e0067eaf0b1d5a6b7ae781755dbbbab4c2e70f2005
b6727ffae1e5c28437d17630f586989aa8272cb7ced1bdebfd00973b7ebe0966
b8a454a583240c7b3de19b7c24d4d0275710c0aef795a319203740ad4dff29d8
bc28675302bd81a5ad3f152c6b5dc6bb2fcc6613261666135e26d9bbf2c50f15
c55508ea7ce1ad08364772fbfadb835d2b1d1b9238d345c45eee1943ada4ff6f
cbc2da872835298c06fa41a1d28bb31086e308a719a9563f489f83c387b94e88
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
d0b51ca8f3f69c164d8c44e9e2ee1e0cd7d1db5631c9072090219f9943525c66
d689cd97fa6995a9c9064b6210fd050944c4a1c532d1c7c2ff65c43b4c970a56
d7c52c07267aed919395776d7edf479d6e5b190990a778b102f83cc8e696a3d5
d8cdece7cf20ac6ffc2a137d4beb1750c7479cd675f0b9977e751300f1d7154c
dae04949152b6bf5b6d194a56292c7ad4015200235404eca8e6fe676a0cd66b1
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de412af0b356920e75086c2488e8df2a6c8e5e1f661a0c11052dd54aad4dc09a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61b19230e1982245788d9911deb35e82aac0318a214bcf4d8317b83a7e863e0
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee52b8685f9a20fe0e68a0ca0e572aaa32bf1bdafce89f5853bc4338be991f3e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1b3a51250ea5d2b293615f08241269ed8277b95654cddafbc0f5df8d61e6cc1
fc7d214b582fd6a827d52d5c59307473b2d629dec0fbbcd95721916b8ab67aca
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
ff3b6e3cf3d9e078d57462353e3767216ee88bd4fbfb0331b0a16069dc684034
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

beauty-upgrade.tw Open in urlscan Pro 2606:4700:3035::ac43:dc65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

124 Requests

97 %HTTPS

71 %IPv6

20 Domains

33 Subdomains

30 IPs

5 Countries

2974 kBTransfer

6450 kBSize

15 Cookies

8 Outgoing links

Page URL History

Redirected requests

124 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

beauty-upgrade.tw Open in urlscan Pro
2606:4700:3035::ac43:dc65 Public Scan

Screenshot
Live screenshot

Full Image

124
Requests

97 %
HTTPS

71 %
IPv6

20
Domains

33
Subdomains

30
IPs

5
Countries

2974 kB
Transfer

6450 kB
Size

15
Cookies

124 HTTP transactions
3 data transactions