www.elle.com Open in urlscan Pro
151.101.64.155 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Submission Tags: falconsandbox
Submission: On February 22 via api (February 22nd 2023, 7:24:26 am UTC) from US — Scanned from DE

Summary HTTP 322 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 72 IPs in 12 countries across 62 domains to perform 322 HTTP transactions. The main IP is 151.101.64.155, located in United States and belongs to FASTLY, US. The main domain is www.elle.com. The Cisco Umbrella rank of the primary domain is 42234.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q1 on January 31st 2023. Valid for: a year.

This is the only time www.elle.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	151.101.64.155 151.101.64.155	54113 (FASTLY) (FASTLY)
3	65.9.66.24 65.9.66.24	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.83 13.227.219.83	16509 (AMAZON-02) (AMAZON-02)
2	18.173.5.79 18.173.5.79	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
2	52.222.139.45 52.222.139.45	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
10	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2606:4700::68... 2606:4700::6812:af	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	150.136.29.250 150.136.29.250	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
6 10	185.89.211.116 185.89.211.116	29990 (ASN-APPNEX) (ASN-APPNEX)
1	104.19.150.54 104.19.150.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1	2.18.232.7 2.18.232.7	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.227.60.200 23.227.60.200	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.111.217.83 104.111.217.83	16625 (AKAMAI-AS) (AKAMAI-AS)
1	65.9.86.82 65.9.86.82	() ()
13 35	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	3.136.241.121 3.136.241.121	16509 (AMAZON-02) (AMAZON-02)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
1	13.228.49.89 13.228.49.89	16509 (AMAZON-02) (AMAZON-02)
1 2	54.251.155.116 54.251.155.116	16509 (AMAZON-02) (AMAZON-02)
1 1	172.104.70.67 172.104.70.67	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
1 8	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
4	13.229.1.241 13.229.1.241	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80e::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
42	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	54.75.204.73 54.75.204.73	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
9 15	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4	142.251.208.130 142.251.208.130	15169 (GOOGLE) (GOOGLE)
3 3	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:6b2a:5cae:833b:4670	16509 (AMAZON-02) (AMAZON-02)
2	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
1 1	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2600:9000:220... 2600:9000:2204:de00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	23.203.124.21 23.203.124.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	18.196.120.245 18.196.120.245	16509 (AMAZON-02) (AMAZON-02)
2 2	64.74.236.223 64.74.236.223	19024 (INTERNAP-...) (INTERNAP-BLK5)
2	185.86.139.103 185.86.139.103	201081 (SMARTADSE...) (SMARTADSERVER)
2 4	23.35.209.30 23.35.209.30	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
2 2	216.52.2.91 216.52.2.91	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
4	108.138.5.230 108.138.5.230	16509 (AMAZON-02) (AMAZON-02)
2 2	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:60::6	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:4c::a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.32.99.43 13.32.99.43	16509 (AMAZON-02) (AMAZON-02)
4	54.77.206.57 54.77.206.57	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:b000:5:2377:b1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2250:b600:9:f3c8:9b00:93a1	16509 (AMAZON-02) (AMAZON-02)
4	178.63.219.113 178.63.219.113	24940 (HETZNER-AS) (HETZNER-AS)
2	2a03:2880:f04... 2a03:2880:f042:110:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.201.93.216 35.201.93.216	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
5	184.24.177.89 184.24.177.89	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.112.84 18.66.112.84	16509 (AMAZON-02) (AMAZON-02)
1	3.226.166.212 3.226.166.212	() ()
1	119.63.193.220 119.63.193.220	() ()
2	35.190.80.55 35.190.80.55	15169 (GOOGLE) (GOOGLE)
2	75.2.40.13 75.2.40.13	() ()
2	15.164.137.101 15.164.137.101	() ()
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	() ()
2	2606:4700::68... 2606:4700::6811:180e	() ()
2	52.78.32.47 52.78.32.47	() ()
1	103.243.202.190 103.243.202.190	() ()
1	2a00:1450:400... 2a00:1450:4001:82a::200a	() ()
322	72

34 151.101.64.155 (United States)

ASN54113 (FASTLY, US)

www.elle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.hearstapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hips.hearstapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static-assets.hearstapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-24.fra56.r.cloudfront.net

nexus.ensighten.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-83.ams54.r.cloudfront.net

cdn.qgr.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.5.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-5-79.cph50.r.cloudfront.net

cdn.qgraph.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.139.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-45.ams50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googlesync.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:af (United States)

ASN13335 (CLOUDFLARENET, US)

0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.29.250 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

hearst.gscontxt.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

0272ac85-5199-4024-a555-397c3d825d95.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 185.89.211.116 (Frankfurt am Main, Germany) 6 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.19.150.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.7 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-7.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.227.60.200 (Etobicoke, Canada)

ASN13335 (CLOUDFLARENET, US)

cdn.shopify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.217.83 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-83.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.86.82 (United States)

ASN- ()
PTR: server-65-9-86-82.ams1.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 172.217.16.130 (United States) 13 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.136.241.121 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-241-121.us-east-2.compute.amazonaws.com

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.228.49.89 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-49-89.ap-southeast-1.compute.amazonaws.com

aiqua-user.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.251.155.116 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-155-116.ap-southeast-1.compute.amazonaws.com

api.quantumgraph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.70.67 (Tokyo, Japan) 1 redirects

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: li1680-67.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.229.1.241 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-229-1-241.ap-southeast-1.compute.amazonaws.com

aiqua-sdk.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::2001 (Ireland)

ASN15169 (GOOGLE, US)

824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.75.204.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-204-73.eu-west-1.compute.amazonaws.com

as.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.80.39.216 (Canada) 9 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.244 (United Kingdom) 3 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:6b2a:5cae:833b:4670 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.24.185 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:de00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.203.124.21 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-21.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.120.245 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-120-245.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.74.236.223 (United States) 2 redirects

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.103 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.209.30 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-209-30.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.91 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.5.230 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-5-230.fra56.r.cloudfront.net

playercdn.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:60::6 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r1---sn-4g5e6ns6.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:4c::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5e6nzs.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.99.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-43.fra60.r.cloudfront.net

assets.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.77.206.57 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-206-57.eu-west-1.compute.amazonaws.com

evs.euw1.jivox.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:b000:5:2377:b1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cstudio.aiqua.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:b600:9:f3c8:9b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.giosgusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.63.219.113 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: service.giosg.com

api.giosg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f042:110:face:b00c:0:3 (Marseille, France)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.93.216 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 216.93.201.35.bc.googleusercontent.com

gwiqcdn.globalwebindex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.24.177.89 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-177-89.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.84 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-84.fra56.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.226.166.212 (None, )

ASN- ()

link.elle.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.193.220 (None, )

ASN- ()

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.80.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 55.80.190.35.bc.googleusercontent.com

gwiq-v3.globalwebindex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 75.2.40.13 (None, )

ASN- ()

api.sail-personalize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.164.137.101 (None, )

ASN- ()

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (None, )

ASN- ()

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.78.32.47 (None, )

ASN- ()

r-log.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.243.202.190 (None, )

ASN- ()

cm-exchange.toast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (None, )

ASN- ()

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
67	googlesyndication.com 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 137 pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 ade.googlesyndication.com — Cisco Umbrella Rank: 281	366 KB
54	doubleclick.net 13 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313	281 KB
39	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 270 gcdn.2mdn.net — Cisco Umbrella Rank: 1020 r1---sn-4g5e6ns6.c.2mdn.net r5---sn-4g5e6nzs.c.2mdn.net — Cisco Umbrella Rank: 811116	4 MB
33	hearstapps.com assets.hearstapps.com — Cisco Umbrella Rank: 12343 hips.hearstapps.com — Cisco Umbrella Rank: 7210 static-assets.hearstapps.com — Cisco Umbrella Rank: 30578	6 MB
16	casalemedia.com 10 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 533 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421	12 KB
11	jivox.com as.euw1.jivox.com — Cisco Umbrella Rank: 178796 playercdn.jivox.com — Cisco Umbrella Rank: 3773 assets.euw1.jivox.com — Cisco Umbrella Rank: 188792 evs.euw1.jivox.com — Cisco Umbrella Rank: 180196 cdn.euw1.jivox.com Failed	138 KB
11	permutive.com api.permutive.com — Cisco Umbrella Rank: 1827 cdn.permutive.com — Cisco Umbrella Rank: 2497 googlesync.permutive.com — Cisco Umbrella Rank: 8400	21 KB
10	adnxs.com 6 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	10 KB
9	dable.io static.dable.io — Cisco Umbrella Rank: 27578 api.dable.io r-log.dable.io images.dable.io ad-log.dable.io Failed	69 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	1 KB
6	appier.net 1 redirects aiqua-user.c.appier.net — Cisco Umbrella Rank: 111255 gocm.c.appier.net — Cisco Umbrella Rank: 1930 aiqua-sdk.c.appier.net — Cisco Umbrella Rank: 98547	6 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 357	110 KB
5	teads.tv 2 redirects a.teads.tv — Cisco Umbrella Rank: 1330 sync.teads.tv — Cisco Umbrella Rank: 1222	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2506	40 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	278 KB
4	giosg.com api.giosg.com — Cisco Umbrella Rank: 213607	642 B
3	facebook.com www.facebook.com	263 B
3	globalwebindex.net gwiqcdn.globalwebindex.net — Cisco Umbrella Rank: 31754 gwiq-v3.globalwebindex.net — Cisco Umbrella Rank: 17713	6 KB
3	yahoo.com 3 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422 ups.analytics.yahoo.com — Cisco Umbrella Rank: 273	1 KB
3	mathtag.com 3 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	3 KB
3	gstatic.com fonts.gstatic.com	2 MB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	144 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 43 ajax.googleapis.com	35 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6232 adservice.google.de — Cisco Umbrella Rank: 9006	1 KB
3	ensighten.com nexus.ensighten.com — Cisco Umbrella Rank: 2923	38 KB
2	cloudflare.com cdnjs.cloudflare.com	85 KB
2	sail-personalize.com api.sail-personalize.com	497 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	138 KB
2	giosgusercontent.com cdn.giosgusercontent.com — Cisco Umbrella Rank: 293453	6 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 591	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 590	1 KB
2	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 788	89 B
2	zemanta.com 2 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 520	1 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 284	1 KB
2	media.net 2 redirects cs.media.net — Cisco Umbrella Rank: 1361	2 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1408	486 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 586	897 B
2	quantumgraph.com 1 redirects api.quantumgraph.com — Cisco Umbrella Rank: 62239	643 B
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	652 B
2	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 285	57 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 147	2 KB
2	qgraph.io cdn.qgraph.io — Cisco Umbrella Rank: 89343	158 KB
1	toast.com cm-exchange.toast.com	609 B
1	popin.cc api.popin.cc
1	elle.com.tw link.elle.com.tw	4 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 2763	33 KB
1	aiqua.in cstudio.aiqua.in	57 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1301	63 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 709	437 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 787	251 B
1	line.me tr.line.me — Cisco Umbrella Rank: 14871	425 B
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 13160 certify.alexametrics.com Failed	5 KB
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 14331	10 KB
1	shopify.com cdn.shopify.com — Cisco Umbrella Rank: 1822	1 KB
1	prmutv.co 0272ac85-5199-4024-a555-397c3d825d95.prmutv.co — Cisco Umbrella Rank: 14208	392 B
1	gscontxt.net hearst.gscontxt.net — Cisco Umbrella Rank: 13916	297 B
1	permutive.app 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app — Cisco Umbrella Rank: 10948	197 KB
1	qgr.ph cdn.qgr.ph — Cisco Umbrella Rank: 118259	2 KB
1	elle.com www.elle.com — Cisco Umbrella Rank: 42234	62 KB
0	admixer.co.kr Failed idsync.admixer.co.kr Failed
0	daum.net Failed analytics.ad.daum.net Failed
322	62

	Domain	Requested by
42	pagead2.googlesyndication.com	824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.elle.com www.googletagservices.com securepubads.g.doubleclick.net
35	cm.g.doubleclick.net	13 redirects googleads.g.doubleclick.net www.elle.com 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
33	s0.2mdn.net	www.elle.com s0.2mdn.net
21	assets.hearstapps.com	www.elle.com assets.hearstapps.com
19	tpc.googlesyndication.com	www.elle.com 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net securepubads.g.doubleclick.net
15	dsum-sec.casalemedia.com	9 redirects googleads.g.doubleclick.net
10	ib.adnxs.com	6 redirects 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app googleads.g.doubleclick.net
9	googleads.g.doubleclick.net	www.elle.com 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com pagead2.googlesyndication.com www.googletagmanager.com
9	api.permutive.com	static-assets.hearstapps.com 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
9	hips.hearstapps.com	www.elle.com
8	www.google.com	1 redirects www.elle.com 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com tpc.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	securepubads.g.doubleclick.net	static-assets.hearstapps.com securepubads.g.doubleclick.net www.elle.com
5	www.googletagmanager.com	static-assets.hearstapps.com www.googletagmanager.com nexus.ensighten.com
4	static.dable.io	nexus.ensighten.com api.dable.io
4	api.giosg.com	cstudio.aiqua.in
4	evs.euw1.jivox.com	as.euw1.jivox.com 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
4	playercdn.jivox.com	as.euw1.jivox.com
4	sync.teads.tv	2 redirects www.elle.com 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	www.elle.com
4	824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	aiqua-sdk.c.appier.net	cdn.qgraph.io
3	www.facebook.com
3	r5---sn-4g5e6nzs.c.2mdn.net	www.elle.com
3	sync.mathtag.com	3 redirects
3	fonts.gstatic.com	fonts.googleapis.com link.elle.com.tw
3	www.googletagservices.com	824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com link.elle.com.tw
3	nexus.ensighten.com	www.elle.com nexus.ensighten.com
3	static-assets.hearstapps.com	www.elle.com static-assets.hearstapps.com
2	r-log.dable.io	static.dable.io
2	cdnjs.cloudflare.com	link.elle.com.tw cdnjs.cloudflare.com
2	api.dable.io	static.dable.io
2	api.sail-personalize.com	ak.sail-horizon.com
2	gwiq-v3.globalwebindex.net	gwiqcdn.globalwebindex.net
2	connect.facebook.net	nexus.ensighten.com connect.facebook.net
2	cdn.giosgusercontent.com	www.elle.com
2	ade.googlesyndication.com	www.elle.com
2	gcdn.2mdn.net	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	ssbsync.smartadserver.com	824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
2	b1sync.zemanta.com	2 redirects
2	x.bidswitch.net	2 redirects
2	cs.media.net	2 redirects
2	rtb.openx.net	824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
2	sync-tm.everesttech.net	2 redirects
2	as.euw1.jivox.com	824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com as.euw1.jivox.com
2	fonts.googleapis.com	securepubads.g.doubleclick.net
2	www.google.de	www.elle.com
2	region1.google-analytics.com	www.googletagmanager.com
2	api.quantumgraph.com	1 redirects www.elle.com
2	match.adsrvr.org	www.elle.com static-assets.hearstapps.com
2	c.amazon-adsystem.com	static-assets.hearstapps.com c.amazon-adsystem.com
2	sb.scorecardresearch.com	static-assets.hearstapps.com www.elle.com
2	cdn.qgraph.io	assets.hearstapps.com cdn.qgr.ph
1	images.dable.io	static.dable.io
1	ajax.googleapis.com	api.dable.io
1	cm-exchange.toast.com
1	api.popin.cc	nexus.ensighten.com
1	link.elle.com.tw	nexus.ensighten.com
1	ak.sail-horizon.com	nexus.ensighten.com
1	gwiqcdn.globalwebindex.net	nexus.ensighten.com
1	cstudio.aiqua.in	cdn.qgraph.io
1	assets.euw1.jivox.com	as.euw1.jivox.com
1	code.createjs.com	as.euw1.jivox.com
1	r1---sn-4g5e6ns6.c.2mdn.net	www.elle.com
1	s.ad.smaato.net	1 redirects
1	ssum-sec.casalemedia.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	api.rlcdn.com	static-assets.hearstapps.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	gocm.c.appier.net	1 redirects
1	aiqua-user.c.appier.net	cdn.qgraph.io
1	tr.line.me	www.elle.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.elle.com
1	googlesync.permutive.com	www.elle.com
1	certify-js.alexametrics.com	nexus.ensighten.com
1	d.line-scdn.net	nexus.ensighten.com
1	cdn.shopify.com	nexus.ensighten.com
1	a.teads.tv	static-assets.hearstapps.com
1	cdn.permutive.com	0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
1	0272ac85-5199-4024-a555-397c3d825d95.prmutv.co	0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
1	hearst.gscontxt.net	static-assets.hearstapps.com
1	0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app	static-assets.hearstapps.com
1	cdn.qgr.ph	www.elle.com
1	www.elle.com
0	ad-log.dable.io Failed
0	idsync.admixer.co.kr Failed
0	analytics.ad.daum.net Failed
0	cdn.euw1.jivox.com Failed	as.euw1.jivox.com
0	certify.alexametrics.com Failed	www.elle.com
322	95

This site contains links to these domains. Also see Links.

Domain
event.elle.com.tw
www.elleshop.com.tw
preferences.hearst.com.tw
www.facebook.com
www.instagram.com
www.youtube.com
line.me
instagram.com
www.hearst.com
www.hearst.com.tw

Subject Issuer	Validity	Valid
cosmopolitan.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-01-31` - `2024-03-03`	a year	crt.sh
nexus.ensighten.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-07` - `2023-10-14`	a year	crt.sh
aiqua.appier.com Amazon	`2022-04-08` - `2023-05-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
api.permutive.com R3	`2023-02-16` - `2023-05-17`	3 months	crt.sh
0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app E1	`2023-01-26` - `2023-04-26`	3 months	crt.sh
*.gscontxt.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-08` - `2023-12-08`	a year	crt.sh
*.prmutv.co R3	`2022-12-21` - `2023-03-21`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
teads.tv R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
cdn.shopify.com R3	`2023-01-17` - `2023-04-17`	3 months	crt.sh
line-apps.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-11` - `2024-01-11`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2022-05-30` - `2023-06-27`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon RSA 2048 M01	`2023-02-08` - `2023-10-11`	8 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2022-08-08` - `2023-09-09`	a year	crt.sh
*.api.qgraph.io Amazon RSA 2048 M01	`2023-02-03` - `2023-04-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.app.euw1.jivox.com Amazon RSA 2048 M02	`2023-02-10` - `2023-12-15`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.jivox.com DigiCert TLS RSA SHA256 2020 CA1	`2022-05-13` - `2023-06-13`	a year	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
euw1.jivox.com Amazon	`2022-11-11` - `2023-12-11`	a year	crt.sh
cstudio.aiqua.in Amazon	`2022-05-03` - `2023-06-01`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-02-07` - `2023-04-18`	2 months	crt.sh
cdn.giosgusercontent.com Amazon	`2023-01-13` - `2024-02-11`	a year	crt.sh
*.giosg.com Starfield Secure Certificate Authority - G2	`2022-08-04` - `2023-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-12-01` - `2023-03-01`	3 months	crt.sh
gwiqcdn-v3.globalwebindex.net GTS CA 1D4	`2023-01-14` - `2023-04-15`	3 months	crt.sh
static.dable.io R3	`2023-02-21` - `2023-05-22`	3 months	crt.sh
ak.sail-horizon.com Amazon	`2022-12-20` - `2024-01-16`	a year	crt.sh
link.elle.com.tw R3	`2022-12-29` - `2023-03-29`	3 months	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2022-09-23` - `2023-10-24`	a year	crt.sh
gwiq.globalwebindex.net GTS CA 1D4	`2023-01-15` - `2023-04-15`	3 months	crt.sh
api.sail-personalize.com Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.toast.com Sectigo RSA Organization Validation Secure Server CA	`2022-06-30` - `2023-07-31`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Frame ID: 8C2E04D794B214D0BFCEB3A42D177598
Requests: 122 HTTP requests in this frame

Frame: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9BB04152F1AC7023439FE2207878C838
Requests: 1 HTTP requests in this frame

Frame: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FFA262E133A9AD8AA7C07BA03D48B2D6
Requests: 21 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs
Frame ID: C4CA4A55507EBB6E8D8BA77178AF6FAD
Requests: 18 HTTP requests in this frame

Frame: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 8C08353A5BB78AD116977A3833E5BF12
Requests: 17 HTTP requests in this frame

Frame: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FD39761E3438C493AF95B6EB8788F382
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNVedOIbSIqmbxqyLbDwnKt53emMdtUQJjvGWAxcA9sIcUsVKD8ctGt2bwmoevjRCRQHuuJd2rxr3qoBPq8aDCaBB1n4I-6BYiceeJXd6zmet9XYErb0qO64N-onB235gDHXO0l3Wjl_bQpTn59rnMy_RqGnuA
Frame ID: 886493A9ABE3E2C10C6D506620277A7D
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNXWkq6wUTjH6nTFHFRb96GtcanW0__dCTIpMl7XNKCkp4FeofdsoJlq3bc0gmkE8KpuVlCHhgiwpulqHlzCwp12VEysomniE7qfDIW2e7bJe9ZXpN9XPtgxaycDaLFuD9o6bwxcttOnTAmtDSUP7-59YyC7_A
Frame ID: 040BA164914A4309C5AC21742CAA30F2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNUDK3TJ_Umv4E_cQYu5zjVMUN5V8gLD19m71TgDj4CebNSJP1XBYjBqJOhmoYLF9QBkDF05nteaRd-pUEPiFEdlJDDi7_r5h0d3GcHDgg-ot2hZELy3wM7OwoMV0mqci0chM0utxYaSx_R3HS7gupgEfWLOow
Frame ID: 82FC9D472346EA73FC1CD7DFFF575992
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F0A9D585F6A8C94EA955239CD0F47B48
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D4FE9A83B4725EEEA923479DF1CB73D4
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
Frame ID: BA6EAB0A49250141AA74C3E81413ACC2
Requests: 19 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
Frame ID: BCB4571225EECAEE84C8E3E2CC7D54DB
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C3BA48D62B871B42040761CCC3A3C29D
Requests: 9 HTTP requests in this frame

Frame: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Frame ID: C56B49D02D327618A8F1A0FD2739D6A3
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1EBE5CD68B4839436FA5F3F5327CE353
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0B9A4646E2317B7B25068FACE93A458F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C55A9C9096099F6D7F71C430F1A7A8D3
Requests: 3 HTTP requests in this frame

Frame: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Frame ID: 4FF7E9094DC64105A9154F0756BC310B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 71AD6655FB9E08A6B1C8DBD4787B5CDC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js
Frame ID: 8E4D1D2A742463E03CE88E7011DAB994
Requests: 1 HTTP requests in this frame

Frame: https://link.elle.com.tw/join/5sy/signup-module
Frame ID: DCA4CBEBFAFD5987EFBFF85E34FB2914
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E025E8DFF605326FB97AB611E2B6CCD5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F7321EA267E78525E51C37B7B9E5BB42
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: A006B4CF3A4C2947C701601910C3877C
Requests: 1 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: B59B5EBF91E6B1C6026548FB40004FF0
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

韓劇《女神降臨》車銀優、文佳煐、黃仁燁角色解析！網友狂讚「100%神還原漫畫」

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Ensighten (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

//nexus\.ensighten\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

322
Requests

87 %
HTTPS

36 %
IPv6

62
Domains

95
Subdomains

72
IPs

12
Countries

14779 kB
Transfer

21815 kB
Size

55
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://event.elle.com.tw/2023/ellerun/
Title: ELLE風格路跑

Search URL Search Domain Scan URL

URL: https://www.elleshop.com.tw/
Title: ELLESHOP

Search URL Search Domain Scan URL

URL: http://event.elle.com.tw/event/elle_subscribe/subscription.php
Title: 訂閱

Search URL Search Domain Scan URL

URL: http://preferences.hearst.com.tw/?utm_source=elle
Title: 電子報訂閱

Search URL Search Domain Scan URL

URL: https://www.facebook.com/elle.tw
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/elletaiwan/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/elletw123
Title: Youtube

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/%40ojy7419l
Title: Line@

Search URL Search Domain Scan URL

URL: https://instagram.com/elletaiwan/

Search URL Search Domain Scan URL

URL: http://www.hearst.com/
Title: Hearst.com

Search URL Search Domain Scan URL

URL: https://www.hearst.com.tw/
Title: 公司介紹

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=26eac0c8-3713-4c4c-b681-5ca583930893&u=44f78248-eebf-4013-98bf-5334eeb3174f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=26eac0c8-3713-4c4c-b681-5ca583930893&u=44f78248-eebf-4013-98bf-5334eeb3174f&google_tc= HTTP 302
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEKevITnn8yTjoE1FQxNAhc8&error=&type=ddp&k=26eac0c8-3713-4c4c-b681-5ca583930893&u=44f78248-eebf-4013-98bf-5334eeb3174f&google_cver=1

Request Chain 65

https://api.quantumgraph.com/web/cm/ HTTP 302
https://gocm.c.appier.net/qg?a_i=/web/cm/?from=dback HTTP 302
https://api.quantumgraph.com/web/cm/?from=dback&qaid=G1swsKRmWB98JJG7O57v0A&noredir=1

Request Chain 130

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1

Request Chain 131

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-XDJhRmDMhMo.vqIj7oywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&google_hm=2

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

Request Chain 133

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA4NTM3NTI2NjE3Mjg4MDE0

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-XDJhRmDMhMo.vqIj7oywAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&google_hm=2

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3OTc2MTI2MjA0OTk1NzY5NQ%3D%3D

Request Chain 138

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1

Request Chain 139

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-XDJmp62D7ElQBkbwuibAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

Request Chain 141

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA4NTM3NTI2NjE3Mjg4MDE0

Request Chain 142

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 166

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELk463K9UK4ZCYZAqU1sO90&google_cver=1&google_push=Aa02lx-mdZjzpXyuBVDsJLaEiSxF6UpcWR4BMMoIKKcQsd37OhQ2o_qW3heW8_ddn_Uvl4Hn_kX2X_aqt2SQR84eqKthsm9lX7940A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-mdZjzpXyuBVDsJLaEiSxF6UpcWR4BMMoIKKcQsd37OhQ2o_qW3heW8_ddn_Uvl4Hn_kX2X_aqt2SQR84eqKthsm9lX7940A

Request Chain 167

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_cver=1&google_push=Aa02lx_A9-bUdSRl_pJ4_yq9t69IN1M0h3qb0_iVVO6QCI8fccwUVitrZ7rkxfFYV9AM5icUSMzwM8iT6gF2mb_tAiOpKXHM_Y5ipg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_push=Aa02lx_A9-bUdSRl_pJ4_yq9t69IN1M0h3qb0_iVVO6QCI8fccwUVitrZ7rkxfFYV9AM5icUSMzwM8iT6gF2mb_tAiOpKXHM_Y5ipg

Request Chain 168

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEKD-w4Za6Pc6Q78zpTmqY&google_cver=1&google_push=Aa02lx8eJHCYhcs6tG0GI2SvfMB-Zp6ukOLSiE82sFMiy_34QzNMZgQHyr-rzXZrDiRFVI8zinol10-zooPk3YDmlGPWWVULw3Zo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8eJHCYhcs6tG0GI2SvfMB-Zp6ukOLSiE82sFMiy_34QzNMZgQHyr-rzXZrDiRFVI8zinol10-zooPk3YDmlGPWWVULw3Zo&google_hm=eS1OSm1majBCRTJwRl9qaXFLaDhRNjNZaUFkOVVvbDd0U35B

Request Chain 170

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED0RBWQ_KYzFG3R-X8o6338&google_cver=1&google_push=Aa02lx-gG6dtW_kYo20XS-PvrdZPF_0xb7UMgCQdl6K5ZBhwKhVJ2AT7SnCee0Q_YY65JaAKDTmBhTyylQDHSUSaYpKoRDHbFC5VvA HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED0RBWQ_KYzFG3R-X8o6338&google_hm=Y_XDJhRmDMhMo-vqIj7ozAAAFFsAAAIB&google_nid=index&google_push=Aa02lx-gG6dtW_kYo20XS-PvrdZPF_0xb7UMgCQdl6K5ZBhwKhVJ2AT7SnCee0Q_YY65JaAKDTmBhTyylQDHSUSaYpKoRDHbFC5VvA

Request Chain 171

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI9ddOpqtrjmZ9vkt9V9c_E&google_cver=1&google_push=Aa02lx-preze5Jes2JAKNqKYIXgsGuu-rzl1q01_E7Iprmhdql62wdjRlgTuNzolAJ6hJZBr4hyjWketXeVnwbHVn6nMMsJrQxLYMQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-preze5Jes2JAKNqKYIXgsGuu-rzl1q01_E7Iprmhdql62wdjRlgTuNzolAJ6hJZBr4hyjWketXeVnwbHVn6nMMsJrQxLYMQ

Request Chain 172

https://cs.media.net/cksync?type=g&google_gid=CAESEJemTKDtkWI9weNoIOlt4Zs&google_cver=1&google_push=Aa02lx-abldkzC50qUF4qNRPYfNRWyR4qbDe52VCTF0XWy3h1buufvkoYhW0bjXCHdgZ7MaYrwTPCTbXeaoqHtgQC-XrA5IppioM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIwMDUyMjYyNzYzMTE5NDAwMFYxMA%3d%3d&mn_hm=MzIwMDUyMjYyNzYzMTE5NDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx-abldkzC50qUF4qNRPYfNRWyR4qbDe52VCTF0XWy3h1buufvkoYhW0bjXCHdgZ7MaYrwTPCTbXeaoqHtgQC-XrA5IppioM&gdpr=&gdpr_consent=

Request Chain 187

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELk463K9UK4ZCYZAqU1sO90&google_cver=1&google_push=Aa02lx_HOoyb0qEoNXLh1q9QtqET817G5ReK61J4YXsgyYltVXI91WZ_z3z1iQXFLV83KDXG5SoYA7TlpRs_fD5hduHtSUcNzTJHKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_HOoyb0qEoNXLh1q9QtqET817G5ReK61J4YXsgyYltVXI91WZ_z3z1iQXFLV83KDXG5SoYA7TlpRs_fD5hduHtSUcNzTJHKQ

Request Chain 188

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_cver=1&google_push=Aa02lx-C21L17Atgyz0QoICeFUvGl9xMK9R0JEEde_7mw9I0U3050mDBMKN-T_AxkwBzMjT2SVG2zJIf_py25cO9JQd2S_Oq7VhZ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_push=Aa02lx-C21L17Atgyz0QoICeFUvGl9xMK9R0JEEde_7mw9I0U3050mDBMKN-T_AxkwBzMjT2SVG2zJIf_py25cO9JQd2S_Oq7VhZ

Request Chain 189

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI6S2xIsPlovp36TEFqSO9U&google_cver=1&google_push=Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw5XyhxIkMrkCuwGhw HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI6S2xIsPlovp36TEFqSO9U&google_cver=1&google_push=Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw5XyhxIkMrkCuwGhw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw5XyhxIkMrkCuwGhw&google_hm=5qpODxc7S5aqO36d7nrocA==

Request Chain 191

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBtVAUbE1jrMMwKaGwysmH0&google_cver=1&google_push=Aa02lx8EywF3RDOwciaiXujc9S3B4Mcjxc39q2vqd3FlprIKZBHwiKym-UBvMMSMohXtkDOPSz4In0m6R0G35Nj4hdfD4IV_UEKRVg HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBtVAUbE1jrMMwKaGwysmH0&google_push=Aa02lx8EywF3RDOwciaiXujc9S3B4Mcjxc39q2vqd3FlprIKZBHwiKym-UBvMMSMohXtkDOPSz4In0m6R0G35Nj4hdfD4IV_UEKRVg&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx8EywF3RDOwciaiXujc9S3B4Mcjxc39q2vqd3FlprIKZBHwiKym-UBvMMSMohXtkDOPSz4In0m6R0G35Nj4hdfD4IV_UEKRVg&google_hm=MWp4dThwcWtjWHZzUkZBakV0bk8=

Request Chain 193

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENwzDYPDJsBQ0OIvCweK77U&google_cver=1&google_push=Aa02lx-RHk-IZOn4jHAQak5eu5YbyJFydsktOY8aa8F-j0eCwXxpFZe1duM-MMhW--3kVC1kvMJWHBCbNfC3lzxcbyKPbHUU4nCAzhs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-RHk-IZOn4jHAQak5eu5YbyJFydsktOY8aa8F-j0eCwXxpFZe1duM-MMhW--3kVC1kvMJWHBCbNfC3lzxcbyKPbHUU4nCAzhs HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 195

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELk463K9UK4ZCYZAqU1sO90&google_cver=1&google_push=Aa02lx_2076t_pzw-1Se4UA032WJTGH95Oo6XQKNE7Lef5Sqy2nUhmPhqPfl0FYtGN7Ph_J5MiYpDaC1jU4gyUwIwZ_xH0n3YFV9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_2076t_pzw-1Se4UA032WJTGH95Oo6XQKNE7Lef5Sqy2nUhmPhqPfl0FYtGN7Ph_J5MiYpDaC1jU4gyUwIwZ_xH0n3YFV9

Request Chain 196

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAQrccLxGUggXcIvhWlW5rs&google_cver=1&google_push=Aa02lx96S0-rKdg93TKv5bdTCVevuYENf5d1k-Co1Mw42rPOIUTFbvOS1C7Y3bV5BxoyiNZ3V9pW9oPprKluSccvQinKxG2mmvZLNQ HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAQrccLxGUggXcIvhWlW5rs&google_cver=1&google_push=Aa02lx96S0-rKdg93TKv5bdTCVevuYENf5d1k-Co1Mw42rPOIUTFbvOS1C7Y3bV5BxoyiNZ3V9pW9oPprKluSccvQinKxG2mmvZLNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMjcyMTY2MTQ5NjUzMTM1MA&google_push=Aa02lx96S0-rKdg93TKv5bdTCVevuYENf5d1k-Co1Mw42rPOIUTFbvOS1C7Y3bV5BxoyiNZ3V9pW9oPprKluSccvQinKxG2mmvZLNQ

Request Chain 197

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJQX2PgLxtCA6aNOI5w_r3g&google_cver=1&google_push=Aa02lx9qm9TOAu9z8VKdrulcGnSRYhadEYLG2o4w2mGhHTufY8DQVdiwerw600Q4qhEBK2BWQ0GVR1c1hJMnsL1vwPQr0Ttyc0KaAg HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJQX2PgLxtCA6aNOI5w_r3g&google_cver=1&google_push=Aa02lx9qm9TOAu9z8VKdrulcGnSRYhadEYLG2o4w2mGhHTufY8DQVdiwerw600Q4qhEBK2BWQ0GVR1c1hJMnsL1vwPQr0Ttyc0KaAg&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9qm9TOAu9z8VKdrulcGnSRYhadEYLG2o4w2mGhHTufY8DQVdiwerw600Q4qhEBK2BWQ0GVR1c1hJMnsL1vwPQr0Ttyc0KaAg&google_hm=GMq8pGZHyjymlCeZRXKJa3-p

Request Chain 198

https://cs.media.net/cksync?type=g&google_gid=CAESEJemTKDtkWI9weNoIOlt4Zs&google_cver=1&google_push=Aa02lx84oT9uW_AieIFRSVo6uuq0l8hhoRXI3sthsUVvkTelow6G8ZP106R6e_7AO0bjSqKq7BG_1PXWsVmBoW2BlOPgHCpYYuMYeg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIwMDUyMjYyNzYzMTE5ODAwMFYxMA%3d%3d&mn_hm=MzIwMDUyMjYyNzYzMTE5ODAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx84oT9uW_AieIFRSVo6uuq0l8hhoRXI3sthsUVvkTelow6G8ZP106R6e_7AO0bjSqKq7BG_1PXWsVmBoW2BlOPgHCpYYuMYeg&gdpr=&gdpr_consent=

Request Chain 200

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHcpRt3MUqg8ZZbQ8wXgDi0&google_cver=1&google_push=Aa02lx-EBoDF_ef5_QADWh5jIjYFM7c8Zwmy8borTeG4gAs2zIPSIkhz8pXqM5MFS_4iTR90j360-Yk3fO6cRlwGoo4TwQ1DsPFU5Zk HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHcpRt3MUqg8ZZbQ8wXgDi0&google_cver=1&google_push=Aa02lx-EBoDF_ef5_QADWh5jIjYFM7c8Zwmy8borTeG4gAs2zIPSIkhz8pXqM5MFS_4iTR90j360-Yk3fO6cRlwGoo4TwQ1DsPFU5Zk&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12UE9VZ2g1RTJ1RnRFY1R6ODguOEtBMTlrTVR1U2tGTH5B&google_push=Aa02lx-EBoDF_ef5_QADWh5jIjYFM7c8Zwmy8borTeG4gAs2zIPSIkhz8pXqM5MFS_4iTR90j360-Yk3fO6cRlwGoo4TwQ1DsPFU5Zk

Request Chain 201

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENwzDYPDJsBQ0OIvCweK77U&google_cver=1&google_push=Aa02lx-GDxCk-zMpk6sZOysiQ_dOjc_7f9nrmtf53I-3y_oxnVcTC5mimfR37tUAKYGkOreMgBp_p5aSob-duqGjKsVP4L78vgj0tOY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-GDxCk-zMpk6sZOysiQ_dOjc_7f9nrmtf53I-3y_oxnVcTC5mimfR37tUAKYGkOreMgBp_p5aSob-duqGjKsVP4L78vgj0tOY HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 235

https://gcdn.2mdn.net/videoplayback/id/c45e7b1ecafa1e51/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/78A6341E2C4D0E229C434D3629D7E2B05367BCE9.5E9A670D1315CEB0180D7BE3A5C9E0CF77DA6236/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5e6ns6.c.2mdn.net/videoplayback/id/c45e7b1ecafa1e51/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3A51CE004629B182DF9D71FCE5EDB2FFE2C7B0CB.5CBC8EFD561A4E16AF4709DFEBFF9F8A9ABB4594/key/cms1/cms_redirect/yes/mh/6R/mip/2001:1b60:1010:2:1012:7052:2b0c:bd5c/mm/42/mn/sn-4g5e6ns6/ms/onc/mt/1677050061/mv/u/mvi/1/pl/36/file/file.mp4

Request Chain 236

https://gcdn.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/5092A65432CAEE2B93DC0DADB2AC876D2266B009.9B1EEE0D82449A0401C76194648023BEF8E1463F/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/643F7795989B5F14597886DC82DCEFF6D64C557D.29DA9FA3EFC0DD03394FE2D382441160D2B35B83/key/cms1/cms_redirect/yes/mh/Ud/mip/2001:1b60:1010:2:1012:7052:2b0c:bd5c/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1677050061/mv/u/mvi/5/pl/36/file/file.mp4

322 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/ 335 KB
62 KB 766ms
651ms Document
text/html 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.64.155 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5577fdfc26f7e867f280b1a7471d8b0e30ead2f3e6b3dbc6cc25c931027a8128

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31557600; includeSubDomains
X-Frame-Options	sameorigin

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: max-age=0, must-revalidate, no-store, private
content-encoding: gzip
content-length: 62351
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 07:24:16 GMT
etag: 623fe90c5fb7717adffb9fad023e4048
expires: Wed, 22 Feb 2023 07:29:15 GMT
fastly-restarts: 1
pragma: public
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31557600; includeSubDomains
vary: X-Arb, X-GDPR, X-ADSFREE, Accept-Encoding
x-cache: MISS, MISS
x-country: DE
x-frame-options: sameorigin
x-gdpr-site: 0
x-robots-tag: all

GET
H2 200 appier-tag.3384e96.js Show response
assets.hearstapps.com/assets/dist/js/ 2 KB
1 KB 102ms
58ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/appier-tag.3384e96.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9ca0de9dc943e53d768af9404952e9efae3d6d21757461a64ad9c6b5c7807577

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: .x1SCybBaM.d6YFU6Q5ZVv0nAIF8jqSf
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: D97ZFTB2T722EDKK
age: 3073486
x-cache: HIT, HIT
content-length: 852
x-amz-id-2: wpzn2BTNLo7aZqGtJj2FqX6Os76vZzxF+Cj83+KtJVaRu9Vy1ie9i+jTjB8WryhuYPRbzmEmq7U=
last-modified: Sat, 14 Jan 2023 21:13:38 GMT
etag: "ab4a59a324143ce7def51811355a772c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Wed, 17 Jan 2024 23:28:16 GMT

GET
H2 200 jquery.864c6f5.js Show response
assets.hearstapps.com/assets/dist/js/shared/ 84 KB
30 KB 73ms
30ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/jquery.864c6f5.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93cfb830fed3ded32de50bfaf8e1d6ce9cd75e14f06cb8554fffe77aec7897c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 3WrfzYrrcoG3BiCYKTarhlqRlRcsyBBD
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: 6555SPKP377VDZHP
age: 25203586
x-cache: HIT, HIT
content-length: 30033
x-amz-id-2: p0A8oEP1xgbufUbGhfy0J1komRLCmAGNtOqrK4d0WJ3bUxZQwUSOMJHgATcN8IfLjyn9N8Lj/MI=
last-modified: Fri, 06 May 2022 14:15:48 GMT
etag: "0464e61e178cb8eb818b24cdd2c98c01"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Sat, 06 May 2023 20:13:15 GMT

GET
H2 200 vendors.2982034.js Show response
assets.hearstapps.com/assets/dist/js/shared/ 43 KB
15 KB 72ms
29ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/vendors.2982034.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cd14007b2af9067305acf14109ea6daa709434fd78fdb81d2c8247b4b237aec0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 6dScdaRePRSUVvdZeFmLh8hBd3U4Na02
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: A2XH01DHHH5F3Y3Z
age: 23668539
x-cache: HIT, HIT
content-length: 15008
x-amz-id-2: vhGCX2QK1S5niKOF0MvDc2Hil5ld54BrGpt8pSBYg5R1CkyVQ4UB6NK+nGO2KfED2HRvqXVTHEk=
last-modified: Mon, 23 May 2022 19:49:19 GMT
etag: "49fc6552f7353e0ec03819edd46f8dfd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Wed, 24 May 2023 14:37:21 GMT

GET
H2 200 font-observer.2ce5a97.js Show response
assets.hearstapps.com/assets/dist/js/ 12 KB
5 KB 72ms
29ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/font-observer.2ce5a97.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 76294c41ef0f428cdb85913d7887e2f4dad6e04a2a59d9a59cf3545345df5de2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: LSxbXKr7pwGX9SasgrKjuXUod2sKgTJ5
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: XH0AXYHH24361G7Y
age: 16202791
x-cache: HIT, HIT
content-length: 4642
x-amz-id-2: rvccFYXseBvuOGrA8pz7X2x2ijFvvYWYA/NHVWm6CygJVZ/+1YuPM0qtMC5t/X7t35LKUriWjhgxi67FTn8HQA==
last-modified: Thu, 18 Aug 2022 18:21:15 GMT
etag: "46475746efb8bf302057609201b4b165"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Sat, 19 Aug 2023 00:26:29 GMT

GET
H2 200 article.01439a6.js Show response
assets.hearstapps.com/assets/dist/js/ 270 KB
83 KB 78ms
35ms Script
text/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5e46f8e70f7f10c7b7ec395dbc0882a56585754c10d8dc67663b9e92792ee030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: D06qBPc2a4DH0McmDSm.qJgRooNk2joD
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: XJ47TNZN6G9BBTDH
age: 1950950
x-cache: HIT, HIT
content-length: 84827
x-amz-id-2: Qn4bFVdpp9aaTRfY8cfwJtXNsnoH8y8A5ODFJp/QrByKuGZGjJe9CSIwZIR8dFx5TcZiE2sq4WI=
last-modified: Mon, 30 Jan 2023 17:15:12 GMT
etag: "809c3e2bd46eb209e012ab63d29ef012"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Tue, 30 Jan 2024 23:17:11 GMT

GET
H2 200 IconFont.715bd0fb607d39da3e335ac7b23e3145.woff2
assets.hearstapps.com/sites/elle/assets/fonts/ 4 KB
5 KB 124ms
27ms Font
font/woff2 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/sites/elle/assets/fonts/IconFont.715bd0fb607d39da3e335ac7b23e3145.woff2
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ffbfc1cb7d42d0ea77128be1d5f48e6962147f22159e6cdfdcc714357db8494a

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Origin: https://www.elle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: Ve9kvAw.3G.lqPv_14rr9YUbL.i8NsB1
date: Wed, 22 Feb 2023 07:24:16 GMT
last-modified: Thu, 19 Jan 2023 19:14:38 GMT
x-amz-request-id: QVRMCV12JKJ0P3YF
age: 2496022
etag: "1dc565f672289724fba5b4140daf5fa5"
x-cache: HIT, HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 4368
x-amz-id-2: gyXioXJGyUBwzYeaaBImx/8HyJjaOBIDg9iADRL37xOlaAI8Utz6ni4x+7zMJ3n8jayFe+/NAG29JahEZKY37w==
expires: Wed, 24 Jan 2024 15:52:39 GMT

GET
H2 200 fonts-deferred.316a6ee.css
assets.hearstapps.com/sites/elle/assets/css/locales/tw/ 4 KB
1 KB 100ms
57ms Stylesheet
text/css 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0d4f883e599715941cba313983967950cf2f62b74b2bac9e682be38c286f9adf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: IHSWAQb.332aFeNOaDqS3l7jwdAPC1vi
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: 3HX0W5XXWQV3BX6C
age: 3708053
x-cache: HIT, HIT
content-length: 792
x-amz-id-2: vJzkJVexOosuwNvqOPeWdJ3rnX5VufZpfURpPGfonhRmhhJ5u5NwvVVc46P8Hqjy80ouVSbG50M=
last-modified: Thu, 05 Jan 2023 16:17:35 GMT
etag: "478db66efd616a962f1e1ec4f8b1f3e6"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Wed, 10 Jan 2024 15:12:08 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 111-1605260600.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 83 KB
83 KB 160ms
111ms Image
image/jpeg 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/111-1605260600.jpg?crop=1.00xw:1.00xh;0,0&resize=980:*
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 23aa1fc46d3b9ceff5b2455f8ef736c7fc2665f165b19d6aaa198ba32efd2ed6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
x-image-dimensions: 980:490
x-canonical-ops: crop=1200:600;0,0&resize=980:490
age: 2409758
x-source-image-dimensions: 1200:600
content-type: image/jpeg
access-control-allow-origin: *
x-cache: HIT, MISS
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 84523

GET
H2 200 211-1605257213.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 105 KB
106 KB 76ms
28ms Image
image/jpeg 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/211-1605257213.jpg?crop=1.00xw:0.935xh;0,0&resize=980:*
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: dd967e616301cab9256f9ac11ec95ba92f0827a32b71600f50173e6e0ccd0caf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
x-image-dimensions: 980:652
x-canonical-ops: crop=1266:842;0,0&resize=980:652
age: 1799505
x-source-image-dimensions: 1266:900
content-type: image/jpeg
access-control-allow-origin: *
x-cache: HIT, HIT
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 107837

GET
H2 200 218-1605257212.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 86 KB
86 KB 117ms
116ms Image
image/jpeg 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/218-1605257212.jpg?crop=1.00xw:0.950xh;0,0.0504xh&resize=980:*
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 66ae8a9ebcfa6082e3084553611214ee1fac8141fdeb2886cfd1d24ece044a8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
x-image-dimensions: 980:660
x-canonical-ops: crop=1270:855;0,45&resize=980:660
age: 3700043
x-source-image-dimensions: 1270:900
content-type: image/jpeg
access-control-allow-origin: *
x-cache: HIT, MISS
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 87603

GET
H2 200 moapt-bundle-hdm.js Show response
static-assets.hearstapps.com/_assets/moapt/2.49.0/ 98 KB
30 KB 64ms
29ms Script
text/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-bundle-hdm.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 86bf0847d6f3769f9691d7daf528513c44e0403b309972af721c77d175cd726c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: QPa9UiCatabgKrM3gHNdANoRZskR9Fo0
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: E1GZ24WPT0F151X4
age: 563437
x-cache: HIT, HIT
x-amz-meta-release: 2.49.0
content-length: 30645
x-amz-id-2: Rfd2Lg2vT2jiuMY9wK0+ogp3Vixi3jcotmWRcefCpjmLwcaL7HrumDnrQJoTq7gIiANvXXcvzCo=
last-modified: Wed, 15 Feb 2023 18:48:10 GMT
etag: "e824fb2c5ab85af562a15a00c679e8d1"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=648000,must-revalidate
accept-ranges: bytes

GET
H2 200 moapt-data.js Show response
static-assets.hearstapps.com/_assets/moapt/2.49.0/ 80 KB
27 KB 61ms
27ms Script
text/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-data.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 021af807a11798ecd298f72f9b4d9684d5c999092b53250a87ef8c3cd34be174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: EA9KJee.hrFyK6JQg7pbJTK36hO4aAR5
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: E1GWZMKW7VYM6YS0
age: 563438
x-cache: HIT, HIT
x-amz-meta-release: 2.49.0
content-length: 27810
x-amz-id-2: 09TMAEhWq1pU3K/8e1e1Mj0zuZBw3hc3pt6K/hbdErz9cxWEmQ7X+c6l1sYLe1rT5LhrXSUFgI8=
last-modified: Wed, 15 Feb 2023 18:48:10 GMT
etag: "817f57a526e94e947990d774459c560f"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=648000,must-revalidate
accept-ranges: bytes

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/hearst/mag-tw/ 106 KB
25 KB 206ms
29ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/hearst/mag-tw/Bootstrap.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: a0aa346dac13c493191e89831298a8b64a39f39a5197db5bb933ccce021ba507

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 14 Feb 2023 15:58:13 GMT
x-amz-version-id: nhtFA_.YlwlR0TJDpkfhzy9g.AIa7zpl
content-encoding: br
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 660364
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 14 Feb 2023 15:57:43 GMT
server: CloudFront
etag: W/"e61c90c98cd51317fe824931e358a43d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
x-amz-cf-id: 76DOs8VakvDTzNnEe9w8nRndofUZHG1Qv9sAdKQeQUV04eylgQSWxg==

GET
H2 200 listicle.1873634.css
assets.hearstapps.com/sites/elle/assets/css/locales/tw/ 74 KB
11 KB 28ms
27ms Stylesheet
text/css 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/listicle.1873634.css
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31629ed146a31974ef1e3702293fc6707362949b8e040e8734f1bc2dc20bcad1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: G6ua4cekxOh2FE2pJEXEyuk5Xzd7u62X
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: 0QMWM495C38D89GH
age: 645653
x-cache: HIT, HIT
content-length: 11292
x-amz-id-2: FKy75Tcjz2lTfkwrbkF9j6LYB1IwhLUl2WDFW4AzQI8esJQPh0CcuvnHbWepxO0bVeGCh2iecMNmwpqZkjzY1Q==
last-modified: Tue, 14 Feb 2023 19:52:11 GMT
etag: "f92cc5f2b5ca81173635438f7e8fa35f"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Thu, 15 Feb 2024 01:52:08 GMT

GET
H2 200 qgraph.c34cc9ed7d93ccd626f9.js Show response
cdn.qgr.ph/ 2 KB
2 KB 120ms
33ms Script
text/javascript 13.227.219.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qgr.ph/qgraph.c34cc9ed7d93ccd626f9.js
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.227.219.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-227-219-83.ams54.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1574202535e3a1824e978aa64aa1583edc9f65ae1f63949d02136ab251cbe490

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: QnYLjH867QM4V.q7e2TUisDp0uIjVv3H
date: Wed, 22 Feb 2023 06:36:13 GMT
via: 1.1 d2322e4264977966de69a888b2e0eba8.cloudfront.net (CloudFront)
last-modified: Mon, 16 Jan 2023 10:19:57 GMT
server: AmazonS3
x-amz-cf-pop: AMS54-C1
age: 2950
x-amz-server-side-encryption: AES256
etag: "483ece86d630dbeb47709ce439c6425b"
x-cache: Hit from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 1727
x-amz-cf-id: LtT0ReUmHGmJwUVs4qlVTQOg-ZH4b9n7i7GrLq_esu8oWkiIWIf_YQ==

GET
H2 200 qg-sw.js Show response
cdn.qgraph.io/v3/r/ 119 KB
39 KB 892ms
745ms Script
application/javascript 18.173.5.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qgraph.io/v3/r/qg-sw.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/appier-tag.3384e96.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.5.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-5-79.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d85c52d1490988697d148ece1feccc9ab9f3ea039fd745a33c4589772d23f7e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
content-encoding: gzip
via: 1.1 62106b168ab54fb8472f59ef6c264a5c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Feb 2023 02:06:12 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-P1
x-amz-server-side-encryption: AES256
etag: W/"ebe942f43936463c921cda2dce6c2e6e"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: WxjOS8WjmqjvCOd_bBrJ3a2pYBn9gVEKw3d4GoTOwTQbw9s72aBQug==

GET
H2 200 NotoSansTC-Regular.woff2
assets.hearstapps.com/sites/elle/assets/scss/locales/tw/fonts/ 2 MB
2 MB 55ms
54ms Font
font/woff2 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/sites/elle/assets/scss/locales/tw/fonts/NotoSansTC-Regular.woff2?8.226.0
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a884503e82e75e12747a73b1f79baebc9a0227a6f8c83137820df303f3cca842

Request headers

Referer: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Origin: https://www.elle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: wux0Ijmx.uG.C0tXM3Jhf4wDyAXcHdWz
date: Wed, 22 Feb 2023 07:24:16 GMT
last-modified: Wed, 21 Sep 2022 16:57:49 GMT
x-amz-request-id: 4YEQ40VQ1162REWA
age: 4471446
etag: "f68c721353520e42240e4c13ee4471f0"
x-cache: HIT, HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 1857952
x-amz-id-2: 6HJ8KwXULsz9O/xz08KYGTAs8yARFxQMWGvq/omRTg0PihyIC6/pejW5jswh/vL8pJoeKrNGIHg=
expires: Fri, 22 Sep 2023 11:55:40 GMT

GET
H2 200 Saol-Display-Light.ccf1108.woff
assets.hearstapps.com/sites/elle/assets/fonts/ 42 KB
42 KB 26ms
26ms Font
application/font-woff 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/sites/elle/assets/fonts/Saol-Display-Light.ccf1108.woff
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0ea8bfd1bba2a3be9f8dbff13247a4e98fc7f15ee88bc238ca09a9faa6013b0f

Request headers

Referer: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Origin: https://www.elle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: rHqGxTPfFrSXO23E.89kWJj8y0MWOOPJ
date: Wed, 22 Feb 2023 07:24:16 GMT
last-modified: Thu, 05 Jan 2023 16:17:38 GMT
x-amz-request-id: D3SHYB1ZMZ65D3AD
age: 3781516
etag: "ccf1108379f98897de7a2aa7ec88aaf1"
x-cache: HIT, HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 42580
x-amz-id-2: AgABd6GykNm/w8JomYvIY6GVS6xlGA4/COSi2UFaWaFwxN3ZzXf95b1QeES/BPCeo8f8K5qBUOQ=
expires: Tue, 09 Jan 2024 18:47:45 GMT

GET
H2 200 Saol-Text-Regular.f844ff0.woff
assets.hearstapps.com/sites/elle/assets/fonts/ 50 KB
50 KB 74ms
74ms Font
application/font-woff 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/sites/elle/assets/fonts/Saol-Text-Regular.f844ff0.woff
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ab6c6bf63431e97d327735811fe3b66346e5bce1e8a8074d0ebd077d657366a4

Request headers

Referer: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Origin: https://www.elle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 8XYCew6i8p9Q4wOC0wxD4Ho6KlAyOyrd
date: Wed, 22 Feb 2023 07:24:16 GMT
last-modified: Thu, 03 Nov 2022 18:59:17 GMT
x-amz-request-id: JSQQZSAT4H8V17P8
age: 9337321
etag: "f844ff086796c9828a8328b0edabb77b"
x-cache: HIT, HIT
content-type: application/font-woff
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 51230
x-amz-id-2: IMOXM3Zk0xDyJP7CxkuHuwe78JkmdP5qDVHps4s1hpJE/HKrf4ZJSlUwdsiTuxjoxdTV2W77u5Q=
expires: Mon, 06 Nov 2023 11:31:01 GMT

GET
H2 200 NotoSansTC-Bold.woff2
assets.hearstapps.com/sites/elle/assets/scss/locales/tw/fonts/ 2 MB
2 MB 73ms
73ms Font
font/woff2 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/sites/elle/assets/scss/locales/tw/fonts/NotoSansTC-Bold.woff2?8.226.0
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c28c1b032643280830e17cda07020b339340696ddead910a86c7c99fecd6cc7d

Request headers

Referer: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Origin: https://www.elle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: Z08CV5r4SGAHmY68QlKfrEVrps9rgh9n
date: Wed, 22 Feb 2023 07:24:16 GMT
last-modified: Wed, 09 Nov 2022 15:09:00 GMT
x-amz-request-id: 7N45Z31VV30NE4QV
age: 4348045
etag: "ad821a457451c4b20b9e89b0554eda29"
x-cache: HIT, HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 1952040
x-amz-id-2: ZLTVmgEztF5tNL/4rjMWiqXxeLUvA0kAdgv9UHAWUTJHxQerGSo2Hqp0xuFI8zszUMaoEN/YrCE=
expires: Fri, 10 Nov 2023 18:17:23 GMT

GET
H2 200 image-track-inview.620f50b.js Show response
assets.hearstapps.com/assets/dist/js/shared/inview/ 2 KB
1 KB 27ms
26ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/inview/image-track-inview.620f50b.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 74c84b791ab1725dbd61a7afea4d7c358aadcaaf94dc476bfca3ccedc36395a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: u71TdiBQNcTZhxkA8VG8aNpPmDTv7A2l
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: YC4WGMC1PGZ0J4K8
age: 15171886
x-cache: HIT, HIT
content-length: 928
x-amz-id-2: Wi0vJ32itSJo+b4Jsi8RTU52NOl+yCsDnM35s3eAtiJj2y88QdFZYIS6A7ixGKb7uVY600qIpTU=
last-modified: Tue, 30 Aug 2022 00:49:17 GMT
etag: "2ef16e65e16b063b78a74a6835180dc1"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Wed, 30 Aug 2023 22:48:16 GMT

GET
H2 200 front-row-1676979057.png
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 105 KB
105 KB 29ms
28ms Image
image/png 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/front-row-1676979057.png?crop=1.00xw:1.00xh;0,0&resize=320:*
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bcc44281557cd646b8bddfd843c8f52c6ff48826720fb1b1a21dd5e5f9ae81c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
x-image-dimensions: 320:160
x-canonical-ops: crop=2560:1280;0,0&resize=320:160
age: 4933
x-source-image-dimensions: 2560:1280
content-type: image/png
access-control-allow-origin: *
x-cache: HIT, HIT
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 107646

GET
H2 200 befunky-collage-4-1675949874.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 8 KB
8 KB 34ms
33ms Image
image/jpeg 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/befunky-collage-4-1675949874.jpg?crop=1.00xw:1.00xh;0,0&resize=320:*
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 8a659e4a5fc20d29de2005e69cc87d5577e13c67712b911124f7fd0452ea9ae5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
x-image-dimensions: 320:160
x-canonical-ops: crop=2000:1000;0,0&resize=320:160
age: 1044983
x-source-image-dimensions: 2000:1000
content-type: image/jpeg
access-control-allow-origin: *
x-cache: HIT, HIT
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 8247

GET
H2 200 fotojet-1676882304.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 15 KB
15 KB 29ms
28ms Image
image/jpeg 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/fotojet-1676882304.jpg?crop=1.00xw:1.00xh;0,0&resize=320:*
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b76041737b756fd65607bbc028490dca7780c2fc5d73787c20e19a5e71776d4b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
x-image-dimensions: 320:160
x-canonical-ops: crop=2000:1000;0,0&resize=320:160
age: 72538
x-source-image-dimensions: 2000:1000
content-type: image/jpeg
access-control-allow-origin: *
x-cache: MISS, HIT
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 15609

GET
H2 200 %E9%9F%93%E5%9C%8B%E6%AB%BB%E8%8A%B1-1676367264.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 17 KB
17 KB 33ms
32ms Image
image/jpeg 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/%E9%9F%93%E5%9C%8B%E6%AB%BB%E8%8A%B1-1676367264.jpg?crop=1.00xw:1.00xh;0,0&resize=320:*
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c582ae17a32c1a4d865e630b2c0a1f999c701ed7bf9b23bf5d8e7f708b9de9b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
x-image-dimensions: 320:160
x-canonical-ops: crop=1200:600;0,0&resize=320:160
age: 396265
x-source-image-dimensions: 1200:600
content-type: image/jpeg
access-control-allow-origin: *
x-cache: MISS, HIT
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 17600

GET
H2 200 collage-1673941669.jpg
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 13 KB
13 KB 35ms
34ms Image
image/jpeg 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/collage-1673941669.jpg?crop=1.00xw:1.00xh;0,0&resize=320:*
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 01442b7b416e05e74115d43435d53dc701174c3f51cfc5cd1c1b5df00b9d5937

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
x-image-dimensions: 320:160
x-canonical-ops: crop=2000:1000;0,0&resize=320:160
age: 3045254
x-source-image-dimensions: 2000:1000
content-type: image/jpeg
access-control-allow-origin: *
x-cache: MISS, HIT
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 13701

GET
H2 200 noto-serif-tc-v7-chinese-traditional_latin-regular.woff2
assets.hearstapps.com/sites/elle/assets/scss/locales/tw/fonts/ 2 MB
2 MB 43ms
43ms Font
font/woff2 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/sites/elle/assets/scss/locales/tw/fonts/noto-serif-tc-v7-chinese-traditional_latin-regular.woff2?8.226.0
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 798023dd5f7cbd4a17ca819f8fb1e31de67829edfca4b7acca04dfca6d898f41

Request headers

Referer: https://assets.hearstapps.com/sites/elle/assets/css/locales/tw/fonts-deferred.316a6ee.css
Origin: https://www.elle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: pZuiB1f22DYwkd_6tfFa8YO_IIo0hApo
date: Wed, 22 Feb 2023 07:24:16 GMT
last-modified: Tue, 04 Oct 2022 18:16:19 GMT
x-amz-request-id: B36WAYBT56GB3048
age: 4614636
etag: "14bd75e243889c15451d1bd697251d71"
x-cache: HIT, HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-length: 1908796
x-amz-id-2: bB6sE+J4sjm08FMEKEKWCBP2NR4oULtu6YpOiPZ5pUcidYi7kVLEuxpjvnypKaQOknM0qNEBWhc=
expires: Fri, 06 Oct 2023 12:29:47 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 110 KB
43 KB 175ms
68ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-4080264-1

Requested by

Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-data.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d100aff97db2949ce14423c859dfd0e5c6156d0c3398d3558846c0c4507f25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44103
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Feb 2023 07:24:16 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 109ms
35ms Script
application/javascript 52.222.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-data.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-45.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:51:49 GMT
content-encoding: gzip
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: AMS50-C1
age: 23169
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: sBICCk-oMd1X-N7pkXlU47k70MpV0HvNENI0cU5UB3hQ3x20sVniCg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 107ms
38ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-data.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79c5ff3bba77ab9e97397805206f41b76ff73fa9e49819356e6749c294eb3a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26538
x-xss-protection: 0
server: sffe
etag: "1490 / 787 of 1000 / last-modified: 1677020724"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 22 Feb 2023 07:24:16 GMT

GET
H2 200 moapt-bidder-pb.6.29.0.js Show response
static-assets.hearstapps.com/_assets/moapt/2.49.0/ 266 KB
79 KB 29ms
28ms Script
text/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-bidder-pb.6.29.0.js
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-data.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 61e53f48fe122b277362f702f253d83bdc3fbc1e3f1c1bc8d0635256a8a6a45d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: AsMA_s_5YuDGUt7XWlLKEpITzD8TLx8K
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:16 GMT
x-amz-request-id: 8R3SVSQEEW9F07K2
age: 563304
x-cache: HIT, HIT
x-amz-meta-release: 2.49.0
content-length: 80749
x-amz-id-2: dX5pgQxD2pbjmEPtTxqOoKomfTd+NDndQIbi67jUcoHScPpXv2DRRb+ByssK8RVsMVSMLKD3DB0=
last-modified: Wed, 15 Feb 2023 18:48:10 GMT
etag: "869b6bd3a2be5c0754ad0f940dd9cd5b"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=648000,must-revalidate
accept-ranges: bytes

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 219 KB
54 KB 143ms
33ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-data.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ea92c04c03d7da0e4608664dfb06b8bcf85ac91e2f58a8b984620247f447cca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:53:35 GMT
content-encoding: gzip
via: 1.1 1f49a084ca923f375f74b42fa36ef428.cloudfront.net (CloudFront), 1.1 5626bf35345f32d3e58fb8d33ec4d966.cloudfront.net (CloudFront)
last-modified: Wed, 15 Feb 2023 21:28:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1, FRA56-P3
age: 1842
x-amz-server-side-encryption: AES256
etag: W/"0b8b1ce84f37b3852d15570cccfe1752"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: 3882OcMTTjrXLrweimsXFGjckhDDvcj-ZwXDtnbyNTOD4QlsPH7p8A==

POST
H2 200 segment Show response
api.permutive.com/ctx/v1/ 34 B
163 B 133ms
58ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/ctx/v1/segment?k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-bundle-hdm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: /
Resource Hash: ddddca89f22892de575454b6b5a0853664d069c8c286f32b5e849d25018f540f

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34
content-type: application/json

GET
H2 200 5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js Show response
0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/ 635 KB
197 KB 135ms
48ms Script
application/javascript 2606:4700::6812:af
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-bundle-hdm.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:af , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e59cdee15a53329b86a08df86c67da51cf83b8ecf46bd1394efb2c611ef40d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 0272ac85-5199-4024-a555-397c3d825d95
age: 0
x-guploader-uploadid: ADPycdt0y6xrT5I8OpNFV5KGh8MgQzI8GKQCjk_8Vv_JcI_D9_BYNBbUDD9hZWWgn9lhgvqj6-aKSuE-Z1rMvswEXCQn0p1Kg30S
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Mon, 20 Feb 2023 16:04:44 GMT
server: cloudflare
etag: W/"bf2b682e40c819287b6fb53c4651714a"
vary: Accept-Encoding
x-goog-generation: 1676909084522751
content-type: application/javascript
x-goog-hash: crc32c=8yphnQ==, md5=vytoLkDIGSh7b7U8RlFxSg==
cache-control: public, max-age=900
x-goog-stored-content-length: 208449
timing-allow-origin: *
cf-ray: 79d5fb2bbdc535fc-FRA
expires: Wed, 22 Feb 2023 07:39:16 GMT

GET
H/1.1 200
OK channels.cgi Show response
hearst.gscontxt.net/ 219 B
297 B 857ms
116ms Script
application/javascript 150.136.29.250
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://hearst.gscontxt.net/channels.cgi?url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-data.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 150.136.29.250 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 97fb7cddeac119e0dd7a4fefd55c9011ce2a32be9c43b18b397484499274a12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 219
Content-Type: application/javascript

GET
H2 200 aiqua.js Show response
cdn.qgraph.io/v3/r/ 408 KB
120 KB 745ms
744ms Script
application/javascript 18.173.5.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qgraph.io/v3/r/aiqua.js
Requested by: Host: cdn.qgr.ph
URL: https://cdn.qgr.ph/qgraph.c34cc9ed7d93ccd626f9.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.5.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-5-79.cph50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9614887cbf9d1312619bcd3b6feeddd905c3150508a69a967ebc44be900b344c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:18 GMT
content-encoding: gzip
via: 1.1 62106b168ab54fb8472f59ef6c264a5c.cloudfront.net (CloudFront)
last-modified: Tue, 21 Feb 2023 02:06:12 GMT
server: AmazonS3
x-amz-cf-pop: CPH50-P1
x-amz-server-side-encryption: AES256
etag: W/"918ecb761d90599233b06cc40b6dd8d6"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: no-cache
x-amz-cf-id: GoPkh86Uwvs92UN6He5zwAsMYkkxVvCeKMc_8KpYEFPlRGkv4C3ZJQ==

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/hearst/mag-tw/ 280 B
589 B 44ms
44ms Script
text/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/hearst/mag-tw/serverComponent.php?namespace=Bootstrapper&staticJsPath=nexus.ensighten.com/hearst/mag-tw/code/&publishedOn=Tue%20Feb%2014%2015:57:23%20GMT%202023&ClientID=109&PageID=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F%3Fgdpr%3Dfalse%26selfhostedads%3Don%26template%3Dlisticle
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 27971d743a7c8a246a7a0bdd148f4c49e78c71f8622d8081c10facb218f9af5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: text/javascript
cache-control: no-cache, no-store
content-length: 280
x-amz-cf-id: TLDnQuJLFmZnqUGrYtenBkqX4KBrhvM8aqYYO2q3zEZ_ffVyP37M5w==
expires: Wed, 22 Feb 2023 07:24:15 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 42ms
42ms Image
text/plain 52.222.139.45
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=13016544&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1677050656878&ns_c=UTF-8&c7=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&c8=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D&c9=
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-45.ams50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
via: 1.1 d8c5e23736c47a3e5184b0a78042898e.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
x-amz-cf-id: wPD8Kb63pYmo9RqX1raCDe5d9EvjKocLYqvwMYG4m0a1BWdzamGWVA==
x-cache: Miss from cloudfront

GET
H2 200 pubads_impl_2023021601.js Show response
securepubads.g.doubleclick.net/gpt/ 382 KB
129 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:03:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1260
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132097
x-xss-protection: 0
last-modified: Thu, 16 Feb 2023 09:35:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 22 Feb 2024 07:03:16 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 329 B
168 B 95ms
37ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.elle.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b99c20cade8fb923e13e6856fa79a7281349678f6cbd6d02600c1557aebda05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 143
x-xss-protection: 0
expires: Wed, 22 Feb 2023 07:24:16 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 84ms
28ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 69cc5dd318e02cb1a7e8cb9951f553d8.cloudfront.net (CloudFront)
date: Wed, 22 Feb 2023 04:02:32 GMT
x-amz-cf-pop: FRA56-P3
age: 12105
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: fvopSyfp2N0UKtVKS69JkzIWUhkmTqozXIoFZ9qdgexAsiLM7VRbwQ==

GET
H2 200 pxid Show response
0272ac85-5199-4024-a555-397c3d825d95.prmutv.co/v2.0/ 46 B
392 B 109ms
36ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0272ac85-5199-4024-a555-397c3d825d95.prmutv.co/v2.0/pxid?k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 4bd53de97fd6b376abb0a07be1e0d853eff84b80fef23f6a3b9127c349166b0e

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66

GET
H/1.1 200
OK getuidj Show response
ib.adnxs.com/ 11 B
814 B 107ms
34ms XHR
application/json 185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:17 GMT
AN-X-Request-Uuid: c4844cd2-6135-4138-b8d2-ab979c125b7f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: application/json; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.elle.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 11
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 5144d139-048e-4bfe-88e1-96d0a6523fc3-models.bin Show response
cdn.permutive.com/models/v2/ 26 KB
19 KB 155ms
79ms XHR
application/x-binary 104.19.150.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/5144d139-048e-4bfe-88e1-96d0a6523fc3-models.bin
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.150.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1316a931f2c4f295f5c04965db58fb7afa4a82949b359b51af85d84cc8614909

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-goog-meta-oid: 0272ac85-5199-4024-a555-397c3d825d95
age: 0
x-guploader-uploadid: ADPycdtyv653vdz_y7zV3WKBnOOjNxzY0hra4oJv3lQzpM_YeS25D6sUIbBhoShveBYr8K02BydjQk7icHdYOh53gu9Ah_WWT5sq
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 18472
last-modified: Mon, 20 Feb 2023 16:04:47 GMT
server: cloudflare
etag: "bd516bde79e49f01556f1c1db3fde0e5"
vary: Accept-Encoding
x-goog-generation: 1676909087091887
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=NSy3Tg==, md5=vVFr3nnknwFVbxwds/3g5Q==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 18472
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d5fb2e7a3a9b61-FRA
expires: Wed, 22 Feb 2023 07:24:17 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ 242 B
298 B 40ms
39ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: acc7ee71c8fe91fc977afc562969871a639f666ccbf06f2f464af5f318c5e833

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 172

POST
H2 200 watson Show response
api.permutive.com/v2.0/ 4 KB
1 KB 50ms
49ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/watson?k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 32b43ecb4e56f75010f9f5aa8f503692926e898f70de76b95d1bc084a5c444b4

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:16 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1449

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 150ms
45ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4080264-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 07:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 731
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 22 Feb 2023 09:12:06 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 90ms
89ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-CNQJNVX68C&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4080264-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2279582dc2bd85f3279b4d29272558719cacf776e08120aa98a02fb2ef5a44f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69195
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Feb 2023 07:24:17 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 185 KB
68 KB 73ms
72ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BTTN4BQHSS&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4080264-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ebce13bdad79a11269a32d84672299bcd15d00266d09f65334e4ea4d68af9a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69093
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 22 Feb 2023 07:24:17 GMT

GET
BLOB 200
OK d81cd63c-86f1-4dcb-8bf5-2796aa55b849
https://www.elle.com/ 307 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elle.com/d81cd63c-86f1-4dcb-8bf5-2796aa55b849
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c0c9214b79263152f74210ded53cbbbf45b8b47336e4f677c660037932aa5dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 314220
Content-Type

GET
BLOB 200
OK bf52850c-a1be-4893-89d4-2283da054f1f
https://www.elle.com/ 307 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.elle.com/bf52850c-a1be-4893-89d4-2283da054f1f
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6c0c9214b79263152f74210ded53cbbbf45b8b47336e4f677c660037932aa5dd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 314220
Content-Type

GET
H2 200 d169d732ef2343ec5c0c72c0a33168c3.js Show response
nexus.ensighten.com/hearst/mag-tw/code/ 47 KB
13 KB 33ms
33ms Script
application/javascript 65.9.66.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-24.fra56.r.cloudfront.net
Software: CloudFront /
Resource Hash: 49e1f995ac34c0fc8444f3c369ff54049926e2dd9dd53b0a9eb4c50046d968be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 01 Feb 2023 19:28:05 GMT
x-amz-version-id: 0fov169L95uKebbPjBcs_J1C0z2Qe5fZ
content-encoding: gzip
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1770973
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Wed, 01 Feb 2023 19:27:45 GMT
server: CloudFront
etag: W/"9d98b78e510477af2da5e457f4035ab1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
x-amz-cf-id: Za8Q61FB85oXMak9CPdxaVjRrm-tCSxIxOMleBPHc6h7MRscVSlZZA==

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
388 B 229ms
72ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-bidder-pb.6.29.0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:17 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.elle.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Wed, 22 Feb 2023 07:24:17 GMT

POST
H3 200 identify Show response
api.permutive.com/v2.0/ 50 B
85 B 103ms
44ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/identify?k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 0a35ed9349ac55a582ca22d6ad44ca745ba8e0a4e028574531cc230b089cca79

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67

GET
H2 200 utm.js Show response
cdn.shopify.com/s/files/1/0254/0393/files/ 595 B
1 KB 116ms
46ms Script
text/javascript 23.227.60.200
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.shopify.com/s/files/1/0254/0393/files/utm.js?v=20190711173524

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

23.227.60.200 Etobicoke, Canada, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee6081b33aa9e8eaad724e592d1a557528b75919799936f98ac3e89171908838

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-dc: gcp-us-central1,us-central1
age: 1820028
content-encoding: br
server-timing: imagery;dur=50.329, imageryFetch;dur=48.996, cfRequestDuration;dur=49.000025
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
x-request-id: f2b5e37a-7a8f-4ffc-86f1-1cd17246cef9
last-modified: Fri, 26 Aug 2022 02:56:21 GMT
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uw%2FERzXEnR%2Bxq0j1t1ydYdddwzlR2bU5VUjCMpgKqAGh97WHA8Y%2FMQ9qikDi00Sift5XVOi8BqEiLFbP0yzH8qXblupgTATWYePNL%2B7VKMsgolxx5EklnNsbhRJx0hd%2BNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31557600
timing-allow-origin: *
link: <https://cdn.shopify.com/s/files/1/0254/0393/files/utm.js>; rel="canonical"
cf-ray: 79d5fb2f3c8b363f-FRA

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 174ms
36ms Script
application/javascript 104.111.217.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.217.83 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-217-83.deploy.static.akamaitechnologies.com

Software

VOS /

Resource Hash

3404c3685d4329cac25eef1f9f68368817b06504f395d6012fc5673437709758

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: QeOsX9koaYaEVSwhu6Vgw7qS-9HmTwX
strict-transport-security: max-age=15768000
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:17 GMT
last-modified: Wed, 30 Nov 2022 03:10:52 GMT
server: VOS
x-amz-request-id: tx000001c7ddb41a39485f4-006386ca0c-10f518b1-jp2
etag: "d3d2564cc3580b0de15d9c80b04c8c6a"
vary: Accept-Encoding
content-type: application/javascript
x-rgw-object-type: Normal
cache-control: max-age=2097185
accept-ranges: bytes
content-length: 9943
expires: Sat, 18 Mar 2023 13:57:22 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 170ms
34ms Script
application/javascript 65.9.86.82

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.82 , United States, ASN (),
Reverse DNS: server-65-9-86-82.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Sat, 28 May 2022 01:59:52 GMT
Via: 1.1 38785d3727bf0cfa7ca4399bb481ee5a.cloudfront.net (CloudFront)
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
X-Amz-Cf-Pop: AMS1-C1
Age: 23347466
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: kWy0RWFC6exrHbcwubgDLB1vkD44t-gU_A1j6r4p7phiX3hd3gBcsQ==

GET
H2

201

sync
googlesync.permutive.com/v2.0/px/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm&type=ddp&k=26eac0c8-3713-4c4c-b681-5ca583930893&u=44f78248-eebf-4013-98bf-5334eeb3174f
https://cm.g.doubleclick.net/pixel?google_nid=permutive_dmp&google_cm=&type=ddp&k=26eac0c8-3713-4c4c-b681-5ca583930893&u=44f78248-eebf-4013-98bf-5334eeb3174f&google_tc=
https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEKevITnn8yTjoE1FQxNAhc8&error=&type=ddp&k=26eac0c8-3713-4c4c-b681-5ca583930893&u=44f78248-eebf-4013-98bf-5334eeb3174f&google_cver=1

35 B
176 B

113ms
38ms

Image
image/gif

34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEKevITnn8yTjoE1FQxNAhc8&error=&type=ddp&k=26eac0c8-3713-4c4c-b681-5ca583930893&u=44f78248-eebf-4013-98bf-5334eeb3174f&google_cver=1
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
vary: Origin
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://googlesync.permutive.com/v2.0/px/sync?alias=CAESEKevITnn8yTjoE1FQxNAhc8&error=&type=ddp&k=26eac0c8-3713-4c4c-b681-5ca583930893&u=44f78248-eebf-4013-98bf-5334eeb3174f&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 404
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
265 B 165ms
58ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=dbegppc&ttd_tpi=1&ttd_puid=26eac0c8-3713-4c4c-b681-5ca583930893,44f78248-eebf-4013-98bf-5334eeb3174f&gdpr=1&gdpr_consent=
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 22 Feb 2023 07:24:17 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3 200 segment Show response
api.permutive.com/adv/v2/ 30 B
44 B 59ms
58ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/adv/v2/segment?new-session=true&k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:17 GMT
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30
content-type: application/json

GET atrk.gif
certify.alexametrics.com/ 0
0

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 4732ms
258ms Image
text/plain 3.136.241.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.241.121 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-241-121.us-east-2.compute.amazonaws.com
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:21 GMT
server: Server

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 867ms
284ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=9ec20861-f9b7-4394-b8ba-e9b6d3e0080f&b_u=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&b_d=www.elle.com&b_p=%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&b_t=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D&c_t=account&t_id=c5fa61d6-00d3-4734-9e11-eea958c8b005&s_id=f51e57bc-b6734025&x4=1&e=pv&v=3.3.0&_t=1677050657282
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 07:24:18 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
aiqua-user.c.appier.net/web-inapp/ 5 KB
5 KB 817ms
200ms XHR
application/json 13.228.49.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-user.c.appier.net/web-inapp/?appId=c34cc9ed7d93ccd626f9&firstTime=1&wUserId=2838082731687119&versionNo=0
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/v3/r/aiqua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.228.49.89 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-228-49-89.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.z-SNAPSHOT) /
Resource Hash: a72eb475656e82d8e4faa35719d044aa7e1a93c5852c21d57c51a67e5da1f930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 07:24:18 GMT
Server: Jetty(9.4.z-SNAPSHOT)
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.elle.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 4770

GET
H2

201

/ Show response
api.quantumgraph.com/web/cm/
Redirect Chain

https://api.quantumgraph.com/web/cm/
https://gocm.c.appier.net/qg?a_i=/web/cm/?from=dback
https://api.quantumgraph.com/web/cm/?from=dback&qaid=G1swsKRmWB98JJG7O57v0A&noredir=1

36 B
379 B

195ms
195ms

XHR
application/json

54.251.155.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantumgraph.com/web/cm/?from=dback&qaid=G1swsKRmWB98JJG7O57v0A&noredir=1
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Server: 54.251.155.116 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-155-116.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: 5b7c8e710580b7aa5813cd0737a74ba2fd38cb5a989df4218040ea92c68bbe9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:19 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 36
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Wed, 22 Feb 2023 07:24:18 GMT
server: nginx
content-type: text/html; charset=utf-8
access-control-allow-origin: null
location: https://api.quantumgraph.com/web/cm/?from=dback&qaid=G1swsKRmWB98JJG7O57v0A&noredir=1
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store
access-control-allow-credentials: true
content-length: 116

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 101 B
127 B 39ms
38ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e720c08cd4b48b3abb52c02fbc43332b34c4d14b3f3da4ff5f30413d60513782

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:17 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109

POST
H3 200 state Show response
api.permutive.com/v1.0/ 0
33 B 101ms
100ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v1.0/state?fetch_unseen=true&k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:18 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

POST
H3 201 usage Show response
api.permutive.com/v2.0/tpd/ 0
36 B 38ms
38ms XHR
text/plain 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/tpd/usage?k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:18 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 64ms
64ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=85324544&t=pageview&_s=1&dl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&dp=%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ul=en-us&de=UTF-8&dt=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUABAAAAACAAI~&jid=1988031287&gjid=545511558&cid=883034114.1677050657&tid=UA-4080264-1&_gid=833762886.1677050657&_r=1&gtm=457e32f0&cd1=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&cd2=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&cd3=www&cd4=%E5%A8%9B%E6%A8%82%3A%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&cd5=no%20ad%20blocker%20detected&cd6=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F110.0.5481.100%20Safari%2F537.36&cd10=Desktop%20Wide&cd11=Portrait&cd12=1600x1200&cd14=ELLE%20TW&cd16=listicle&cd18=Not%20Eligible&cd19=73ae179f-a603-47f2-a667-fa3c38fb805a&cd21=listicle&cd22=%E5%A8%9B%E6%A8%82&cd23=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&cd24=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D&cd25=(not%20set)&cd26=ELLE&cd27=elletw.listicle.34664581&cd28=(not%20set)&cd29=Hearst%20Editorial&cd30=%7CNews%7CEntertainment&cd31=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&cd33=Tiffany%20Lai&cd34=2020-11-13%2010%3A27&cd35=UA-4080264-1&cd36=n%2Fa&cd37=11&cd38=(not%20set)&cd39=(not%20set)&cd40=(not%20set)&cd42=(not%20set)&cd43=Evergreen&cd44=2020-12-09%2017%3A14&cd45=News&cd46=%E9%9F%93%E5%8A%87%2C%202020%E9%9F%93%E5%8A%87%2C%20%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%2C%20%E6%96%87%E4%BD%B3%E7%85%90%2C%20%E8%BB%8A%E9%8A%80%E5%84%AA%2C%20%E9%BB%83%E4%BB%81%E7%87%81%2C%20%202021%E9%9F%93%E5%8A%87%2C%20%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E5%AE%8C%E7%B5%90%2C%20%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E9%9F%93%E5%8A%87%2C%20%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E4%BD%9C%E5%AE%B6%2C%20%E6%BC%AB%E7%95%AB%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%2C%20%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E6%BC%AB%E7%95%AB%2C%20WEBTOON%2C%20%E6%9C%B4%E6%9F%94%E5%A8%9C%2C%20%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E7%B5%90%E5%B1%80%2C%20%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E7%B7%9A%E4%B8%8A%E7%9C%8B%2C%20ASTRO%2C%20%E9%9F%93%E6%98%9F%2C%20%E9%9F%93%E5%8A%87%E7%B7%9A%E4%B8%8A%E7%9C%8B%2C%20%E9%9F%93%E5%8A%87%E6%8E%A8%E8%96%A6%2C%20%E9%9F%93%E5%9C%8B%E6%BC%AB%E7%95%AB%2C%20%E6%BC%AB%E7%95%AB%2C%20netflix%2C%20%E6%84%9B%E5%A5%87%E8%97%9D%2C&cd47=(not%20set)&cd48=(not%20set)&cd49=2020-11-13%2008%3A41&cd50=Lifestyle%20%26%20Entertainment&cd57=(not%20set)&cd64=(not%20set)&cd69=0&cd70=(not%20set)&cd71=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D&cd79=landing&cd80=(not%20set)&cd84=(not%20set)&cd87=sailthru%3Dfalse&cd88=2.49.0&cd89=legacyfre&cd100=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&cm2=1&cm12=1&cm15=1&z=1298562704

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
252 B 102ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-BTTN4BQHSS&gtm=45je32f0&_p=85324544&cid=883034114.1677050657&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677050658&sct=1&seg=0&dl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&dt=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BTTN4BQHSS&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 97ms
37ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-CNQJNVX68C&gtm=45je32f0&_p=85324544&cid=883034114.1677050657&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1677050658&sct=1&seg=0&dl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&dt=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-CNQJNVX68C&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
347 B 104ms
34ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-4080264-1&cid=883034114.1677050657&jid=1988031287&gjid=545511558&_gid=833762886.1677050657&_u=6GBAAUAAAAAAACAAI~&z=2144309329

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 22 Feb 2023 07:24:18 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.elle.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 105ms
41ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4080264-1&cid=883034114.1677050657&jid=1988031287&_u=6GBAAUAAAAAAACAAI~&z=1504540941

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 199ms
66ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-4080264-1&cid=883034114.1677050657&jid=1988031287&_u=6GBAAUAAAAAAACAAI~&z=1504540941

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
aiqua-sdk.c.appier.net/aiqua/web/c34cc9ed7d93ccd626f9/data/ 32 B
359 B 585ms
195ms XHR
application/json 13.229.1.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/c34cc9ed7d93ccd626f9/data/
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/v3/r/aiqua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.229.1.241 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-229-1-241.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: efe00f3d426a1183ac172be8a38d86a5ac8c0862319f0a7df120407ab7c05291

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
Package-Name: www.elle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Feb 2023 07:24:20 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 32

OPTIONS
H2 200 /
aiqua-sdk.c.appier.net/aiqua/web/c34cc9ed7d93ccd626f9/data/ Frame 0
0 613ms
195ms Preflight
application/json 13.229.1.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/c34cc9ed7d93ccd626f9/data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.229.1.241 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-229-1-241.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,package-name
Access-Control-Request-Method: POST
Origin: https://www.elle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.elle.com
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 1
content-type: application/json
date: Wed, 22 Feb 2023 07:24:19 GMT
server: Jetty(9.3.9.v20160517)

POST
H2 200 / Show response
aiqua-sdk.c.appier.net/aiqua/web/c34cc9ed7d93ccd626f9/data/ 32 B
358 B 524ms
196ms XHR
application/json 13.229.1.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/c34cc9ed7d93ccd626f9/data/
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/v3/r/aiqua.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.229.1.241 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-229-1-241.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: efe00f3d426a1183ac172be8a38d86a5ac8c0862319f0a7df120407ab7c05291

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
Package-Name: www.elle.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Feb 2023 07:24:20 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 32

OPTIONS
H2 200 /
aiqua-sdk.c.appier.net/aiqua/web/c34cc9ed7d93ccd626f9/data/ Frame 0
0 195ms
194ms Preflight
application/json 13.229.1.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/c34cc9ed7d93ccd626f9/data/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.229.1.241 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-229-1-241.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,package-name
Access-Control-Request-Method: POST
Origin: https://www.elle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.elle.com
access-control-max-age: 604800
cache-control: max-age=604800
content-length: 1
content-type: application/json
date: Wed, 22 Feb 2023 07:24:19 GMT
server: Jetty(9.3.9.v20160517)

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ 0
251 B 123ms
35ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=13603
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-bidder-pb.6.29.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 55.133.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:20 GMT
via: 1.1 google
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
387 B 51ms
50ms XHR
application/json 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=qwkgvub&fmt=json
Requested by: Host: static-assets.hearstapps.com
URL: https://static-assets.hearstapps.com/_assets/moapt/2.49.0/moapt-bidder-pb.6.29.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 1925b08f648040b392898dbf6c194f9c39c1ff4dba096f59e8c711c384602bf7

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:20 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.elle.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Fri, 24 Mar 2023 07:24:20 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 126ms
36ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.elle.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 103ms
37ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.elle.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 117 KB
32 KB 503ms
502ms XHR
text/plain 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2962143703103404&correlator=3598275014395902&eid=31072544%2C44777901&output=ldjh&gdfp_req=1&vrg=2023021601&ptt=17&impl=fifs&tfcd=0&iu_parts=36117602%2Chmitw-elle%2Centertainment%2Catf%2Cbtf&enc_prev_ius=%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F3%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F4%2C%2F0%2F1%2F2%2F3&prev_iu_szs=1x1%2C320x50%7C1x2%7C728x90%7C970x90%7C970x250%2C300x251%7C300x400%2C728x91%7C970x91%7C970x250%2C300x250%7C300x400%7C300x600&fluid=0%2Cheight%2C0%2C0%2C0&ifi=1&adks=1168777918%2C1057573399%2C572368535%2C3201977579%2C2490083001&sfv=1-0-40&ists=16&prev_scp=load%3Dimm%26position%3Doop%26avb%3D60%2C60%26adid%3Dgpt_outofpage%7Cpos%3D1%26position%3Datf%26load%3Dimm%26avb%3D60%2C60%26adid%3Dgpt_lb_a%7Cpos%3D5%26position%3Dbtf%26load%3Dimm%26avb%3D10%2C10%26adid%3Dgpt_gal_b%7Cpos%3D2%26position%3Dbtf%26load%3Dimm%26avb%3D10%2C10%26adid%3Dgpt_lb_b%7Cpos%3D4%26position%3Datf%26load%3Dimm%26avb%3D60%2C60%26adid%3Dgpt_gal_a&eri=5&cust_params=ab%3Dpx_d_1200%252C7%252Cs1%252Ct_d_l_1000%26page%3Dkdrama-true-beauty%26sect%3Dentertainment%26sub%3Ddrama%26artid%3Delletw_listicle_34664581%26type%3DNews%26dtype%3Dlisticle%26site%3Delletw%26src%3DN%252FA%26refer%3Dext%26orgpub%3Delle.com%26cat%3Dlifestyle_entertainment%252Cnews%252Centertainment%26tool%3Dlisticle%26has%3Dlegacyfre%252Cnodnt%252Cnomylo-nosub%26viewport%3Ddesktop_w%252Clarge%26pageurl%3Dwww.elle.com%252Ftw%252Fentertainment%252Fdrama%252Fg34664581%252Fkdrama-true-beauty%252F%26prmtvctx%3Drts%26permutive%3D40919%252C42534%252C44260%252C44261%252C44279%252C45938%252C47273%252C51613%252C51736%252C69716%252C73019%26prmtvsdk%3Dweb%26gs_cat%3Dresponse_check%252Cgl_chinesetraditional%252Cgv_safe%252Cgb_safe%252Cgs_entertain%252Cgs_entertain_tv%252Cgs_entertain_celeb%252Cgs_popculture_celeb%252Cgs_popculture%252Cgs_entertain_movies%252Cgs_books_comics%252Cgs_books&sc=1&cookie_enabled=1&abxe=1&dt=1677050661458&dlt=1677050656026&idt=980&adxs=0%2C436%2C1060%2C436%2C1060&adys=56%2C301%2C9371%2C10594%2C715&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C1%7C2%7C0&ucis=1%7C2%7C3%7C4%7C5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&frm=20&vis=1&psz=1600x0%7C1600x0%7C300x0%7C1600x0%7C300x0&msz=0x0%7C728x0%7C300x0%7C728x0%7C300x0&fws=132%2C132%2C132%2C132%2C132&ohw=1600%2C1600%2C1600%2C1600%2C1600&ga_vid=883034114.1677050657&ga_sid=1677050661&ga_hid=85324544&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75b2413a95695d01014489f6e958ef41b0cf5f5b0549d9c6402989b0d66ae430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:21 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32927
x-xss-protection: 0
google-lineitem-id: -2,-1,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.elle.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9BB0 6 KB
3 KB 233ms
74ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:21 GMT
expires: Thu, 22 Feb 2024 07:24:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FFA2 6 KB
3 KB 42ms
42ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:21 GMT
expires: Thu, 22 Feb 2024 07:24:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame C4CA 222 KB
60 KB 147ms
66ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Feb 2023 09:37:49 GMT
age: 423993
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 17 Feb 2024 09:37:49 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame C4CA 15 KB
6 KB 108ms
27ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 09:26:33 GMT
age: 511069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 16 Feb 2024 09:26:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame C4CA 94 KB
28 KB 111ms
31ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 15:08:49 GMT
age: 490533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 16 Feb 2024 15:08:49 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame C4CA 5 KB
2 KB 139ms
59ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 16 Feb 2023 15:06:03 GMT
age: 490699
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Fri, 16 Feb 2024 15:06:03 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame C4CA 40 KB
13 KB 140ms
60ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 17 Feb 2023 00:46:18 GMT
age: 455884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 17 Feb 2024 00:46:18 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C4CA 4 KB
694 B 105ms
39ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 07:24:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C4CA 4 KB
1 KB 102ms
37ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 06:41:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 container.html Show response
824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8C08 6 KB
3 KB 41ms
41ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:21 GMT
expires: Thu, 22 Feb 2024 07:24:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FD39 6 KB
3 KB 42ms
41ms Document
text/html 2a00:1450:400d:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:21 GMT
expires: Thu, 22 Feb 2024 07:24:21 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C4CA 3 KB
4 KB 100ms
29ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 07:24:59 GMT
x-content-type-options: nosniff
server: cafe
age: 86363
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3430
x-xss-protection: 0
expires: Wed, 22 Feb 2023 07:24:59 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame C4CA 344 B
449 B 100ms
30ms Image
image/png 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:32:17 GMT
x-content-type-options: nosniff
server: cafe
age: 75125
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 344
x-xss-protection: 0
expires: Wed, 22 Feb 2023 10:32:17 GMT

GET
H2 200 12403791156777324345
s0.2mdn.net/simgad/ Frame C4CA 688 KB
688 KB 130ms
60ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12403791156777324345

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c8180ea529ed557ceec9d3a523945ffcf6791d48859e4f036253f994c54a86a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:13:44 GMT
x-content-type-options: nosniff
age: 461438
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 704342
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 13:46:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 23:13:44 GMT

GET
H2 200 1826404598145121524
s0.2mdn.net/simgad/ Frame C4CA 270 KB
270 KB 100ms
30ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/1826404598145121524

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe6d0bb0e9a09a08b1e1129046fa124954bc541e1c8915a321df382f4a66bbce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:43:11 GMT
x-content-type-options: nosniff
age: 542471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 276250
x-xss-protection: 0
last-modified: Fri, 03 Feb 2023 13:44:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 00:43:11 GMT

GET
H2 200 ad
googleads.g.doubleclick.net/dbm/ Frame C4CA 42 B
440 B 116ms
50ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHAsfPngjtN1v6BMcq5D8LfZj11sug77OknVdNJYv6-6f1ayek1Ke1XBJEdHxvFOAZRD87LQY2SpTnijNQzd9PJljcGdP5o672y9JQpIDPWD2ChDwUYEseMUrgimLs_MpUocsNAD6Akct9Hsft3y-uFXhMXQ&dbm_d=AKAmf-C8DquMNB3nCIyR6AjSigKUdGYKAKTB2WOuzl-BjPJT7mdGBlYDLG7SQlwW8Aa89KNYkLOHhy-RpleRATppZp8L5fbp2gXQXlndBeNY98KFgraMv8BZZvgliZP7rVD3EDjF6mD5HwAsUei9SM5JJuRsbTt5NZoCPQm3tnxI0TBhUzTdq5qYbQ4iYJSA8tPMf9KIS0rd7pp1ZD7imRSKTz7N1TIVu9XF0BVgPpwCow0KLIL5ouYCh9H9TaQMf_ALNzTgJpYVYFxA7fcRPWU65e4G73dUeFWlsHBgGXJ1m_q4NTky7jJsO0JSfUg-kigH-dAEC034ImNo_D1W4-ruA2hg5M9pIAE7PeBovgrCgUl6XEVQIgndOzJvbhSgBtVvZ_M8KBw5ERkbbjLqR1hljKiwF0CdZIOiVN0m0kpxMKjazTqTVeUAsvCiAblL5FCHORqAh45VOFl5aO1Q2s8trtbUiEvXH1Q7jHk_oZyb_9mjkOEUHE3PEKG-_XLJbj71e8iMcHhuCb7ocrqn_5qpnmWvRb37gxbyMSnn-cLD3TD0Z_JUdqb-RhAbfGiwOWKnOn3xXnLtozz_XJJilmNW0zF3KvgNXfIyVRrIW8htnc27xinTGG09Jf-cMZReGeqtu0Dmf4WcPudGXfSyN78VxvepZTkz072KkR1WmWCvdawKaB6vTCBZ_dSRB5ZpRGLz73JNXuMei3Zeb5L4eEoqoFBcQNI0DlIpDALfUE2f11IX_IUUVfCH8-x_zszS8_dSVP_0k-u8WfhIpwdD0iS8LlnPk9YFejV9s4NZNjaZKl5cllBbYrjJC1KYPinstoI9pnYCHDcg2BjiTErGxQUc4BrSyA-rTmEh48ptHkHSVe-eAZuaHclPnpX9hUFN2VCPPiNIeLNVCyicMXBo1GLL4L8OeNwBpR-4QBI3tzDgOhFW8FzIN1D7mgp8ody847pnCZ7kGqmzt-vegshg7hggjdn8ZV1GIegjo0Wg1hTCJnsHdjA9Zw1yUM4gJfUBB2SM8dD-em86ue12o-L0QWY1jN3xC9kLxKQxiXY1ZHJYZ9wX1SoA0GcYWl1ZiRla7h-ucmuFGgvlJNwYjcrEZ5W_pZKZCYc-Y5g87DaSDN1HF8T-yJiGv3nsV4YM_Le4w0I0mKO-zmqMd2CiVXm58YZnifm-cyA8OrdcdulnTWDu0xFqU3dQvnIowF70Iy1g4PQVt5O7QIBNswUgywVc0uPQDos7Lq3nT7XAF9Al8MbuUGjysjNuAnoRf44nmlHAu5j_6kntFaAg2CMmo9qu1E4JDPJ3BoIm7U8GlGll8iF7sLMaIy2jbD6ZBO2nUx0PA6QQIk3RtlxdpAy8h4XqgLP64Sb5eb_MZLszWkDcmXoFWit6lo9XeLuGPjKyO8oLJFGJPUhQedj3fyofrFHFzSUu8kVLaOzbAfiQoczTOsxVBKcWrHDzYexmSqbqzbbEbcpVmudFKXiJqAielIbR5MOBEwCH0ufdAZE6ZbsfRq0ger_gBqClUbzLacXHmwd4YAPVDmcUIqhhUGn-ApAjxc_Aep2eBenlrW7l5URknDsaOlwNDIM19IlCdx-Zr_OOm-P3F2axl5uYEJxPeAwCl0-YrTQu5-Awh67_2g-5v77001SnH3mHwC5TMw2qV6pVHPHtiua4Sg5KfuTrxE79nGm5Fmb6qh9b9O4DiC10LuTUgpMzvu4LnV-74esLqGUV0MWZ0H3jUhKZd4DSWIY3A7TyPSoXXr2aQx91p7-Ph5e2Jx5YigXO_Trw8fGZK_Gk0Rd1qzhts14lS09FhRGi_9wEjlT4iZm5dEweAUbkumaKR4JsGlMudjwSdmVyVghY2fulB_xsWU0r7ZPHn4lBkaBbPg4QtD6wUptS5UjSU48xjRbMXpFtjvoug706saHt7gSOE6ZOO5qQwZ90ReZ8-XpXRzhaIwwbJh6LQvl_XevpaaVFFfABfj98Cw6yRlxt_qAc0f5pMUTkDx8_tFdKWFwANbJeUC6eomCYHHtqTqjmo_wYMj6Dvjo8Bg5tsg3yeCE5LEd8QjWo50KwLlznweetab28ZH5j3YsObxZMwLuS9Vr3sTd0Q2IF7VsdgOhQ_UaxZKZiTtT2waJ0jBHapPRahsvXzcaX5nGO4YAs48Wvj6gKnvBGmLIDKmAUt3-uzUqHfXpaIrH7gJU1WrhyKsRAAvHkk5ey5sAbdj0UrbveYD_C5D_LuT3FtMjaLzEcn-OAVUSJTUMGW1qTFAZVqVd9vLaCzdoDGW3Uc8I081tqWjkxWGaqbeAR69YYFKsfGFV5lcV6qB28HpOfME42TwudlVp7HV-nHlVWxdAfeIB5KtmOV9DXJHuqyZ1zJNsDIF6E4cDuK990Jwlj-m7-nIJaFw8nw2cqf1JOfWxqurC0zW5USLbOFD731d208VMRQ520mFL4eoQjjvBwChe7vY4Ntpb34oz9-c19Ga3L4k5HrjX9p6iyj-zTwYoVSu0PCAWdBPgXCBIBgCwhKhsL4WV7mdINQhI3jKUm0WC1lab6weMxSo-X_K3BxPX5j-gEnjJGCQsMX-kJgR0dUpCzkcrM6mJYQwlLtgLF-MXwStUyRs2qB6qEjrkEUCJhIMjsqzElEYDF1IDE509G_uM7q2mp_0tDxnXH2lbybmNy9vTKCE7cRnCZm7RTRninaXrTgY4fChjAs_bT8ddNNQDqQtsj9Fq8y5yGuT5vXYZ77asf-fs97yjAr7aOZAaX0WRs0yAWvRyMrI_FMiTR2BHFyYPHxH37T16aUGhIf5C3PqqmBjliBDHT2HIR03cOUkNea1DZVBl57CU8nOwckzT17I8_SbbYwhYvWDKQU3jiSKmg3EGLLxUFB8v_KOhYj0bHALXz0x2dZJqw29B81Cf0Gpuo79AgGQpYdbq78y3d4GDSfX0tLKlCe9__zmsOPd8ANNHLNwFlI7PwfwSgsOtHu1LBh3XfdHNLJA1qzj6yy00Im-mK1RxRfsH20Zc3c0OS_I5KS0NV9O4FG3EqCdfnlZhynvmTaqzh02UgTc1cBQ42N3JCLC1JJOiax3W1eB02t6F2ueCS_If5ozvXOOZONPAfY1-5qmxTQRE6r02Lf1VzKUBgWMe3YFr7W3gPEvUjy3r1kFSPHrOOyZ-1h4YMalJe8PoR8sE0Z5yrYIHb_zoLpYRzdJbFzWVTf-dPSP2a75H06buDrU4M6m7dJpUe5JJzZQm16_hp7nIFmqY4MOOCZR2i5NsO4SLWYRiHyUXT65R1-8JwlYmiwcA8kbdwPpsC0RBhkfnm5j58ExqFpGF3RFsWhKR6nO1Y3bZwomMAYDUiBwxSkDou4Rg-HdoUOVdBFtJZbXRAY1WIi8xDFI1HZy1gsXjF0hN99ZXWjOnmBspYg9Ck5mqLg1kyAMPmyOWgUxHGXqLGH-TMd9QBKsGtnEoUgM3meNt9XkcyHp59lvMpTsNpOHowhoDG1Xxx06RuYxwP-TYja0f-F7GS7BT89zkKabvz0lFUauSM2awPHQPboXLXzp0GEMoQM2oR1_y6XBJ_hg-XNOPl-0LG4yRgJzl5gYatKkY&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&dc_exteid=2904479424847257248&dc_pubid=4

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C4CA 0
0 66ms
64ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C4RC2JcP1Y-2QIZWPjuwP1-uXuAn9nYfdbeXVvZb8EPAuEAEgu-OHJGCV-vCBjAegAaWNhMEoyAEGqQKnhC3nouGxPqgDAaoE4wFP0K_dN5YYZQjqEav9rsQwltxdbo5c6F90VuFTQRQB91pyGd3xkx9KDT3p5sbr4LEEP8As80BPb_ri7vgXopqJyjSyfmMdjn3iiREj08o3lVpX3idX84Ir8bj88nRmRjeRsbf8qza_nrBw5Kiqm96iFZjZRNs4lNXbHSwnfHp1_C6R5mhPokxg0oMJ5QNE8gZhj18OcfBNCva2XA10KKQ-g15kGThOkG66DmOZpmDrjKYZhML7T5JdRrmm_HSY8ocTX0ofjcqBhz9uLkHnbe0s6IEIHiky1RY-1yIiaF7_vTyxHMAEsantjf8D4AQDiAWF5vqSQZIFBggDEAEYAZIFBggbEAEYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHpcXUoAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChDJigQYhOi64AHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAbATqqupEsgTr57j3wPQEwDYEw2IFAbYFAHQFQGAFwGyFx4KHAgAEhRwdWItMTMwMTU4MTU2MTc1NTIzNBiS7hU&sigh=KlDXmFd9cAA&uach_m=[UACH]&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&template_id=509&vt=10
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 204 l
www.google.com/ads/measurement/ Frame C4CA 0
0 38ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTi27Wv4NlXcFFLeWSvxb3k2MvmUMgTXIi1XVpnaFaeXlITgB0SOJhjMtq-uWMThX8hGGOcV0PQRM7o-CrwkpRBWURAww
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C4CA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2864a519253ffea0e4d737579b2e34916a380c27b623d45c156ded57c8b72abf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8864 624 B
310 B 72ms
70ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNVedOIbSIqmbxqyLbDwnKt53emMdtUQJjvGWAxcA9sIcUsVKD8ctGt2bwmoevjRCRQHuuJd2rxr3qoBPq8aDCaBB1n4I-6BYiceeJXd6zmet9XYErb0qO64N-onB235gDHXO0l3Wjl_bQpTn59rnMy_RqGnuA

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FFA2 78 KB
27 KB 180ms
115ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA2 42 B
107 B 127ms
62ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B38aZ6H-jlPrpZeSeQZmeNbRHhkXS8buOlwBQtrGuZ3XWNd6i7kSl2JskxiIzNDvNQBa5NffB9Zmx-xe41LsSysUygvMEB1mNuBsb_Haj2yphh7Sc

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA2 0
56 B 127ms
63ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5444874355269357547&x=1&ct=76

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame FFA2 3 KB
1 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 07:03:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame FFA2 20 KB
8 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 00:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 00:23:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FFA2 0
0 37ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQwXnyqASh0e2OHisYHKG96Pam5Idf3zl45yscbMXLWx8oSTtF4iC72IdeErukMpxNFoimnSKzt9ZLtoG0juKTOByQxA
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFA2 157 KB
48 KB 201ms
135ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 040B 624 B
285 B 70ms
63ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNXWkq6wUTjH6nTFHFRb96GtcanW0__dCTIpMl7XNKCkp4FeofdsoJlq3bc0gmkE8KpuVlCHhgiwpulqHlzCwp12VEysomniE7qfDIW2e7bJe9ZXpN9XPtgxaycDaLFuD9o6bwxcttOnTAmtDSUP7-59YyC7_A

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 8C08 78 KB
27 KB 235ms
174ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27798
x-xss-protection: 0
server: cafe
etag: 12162329123218539290
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C08 42 B
110 B 122ms
62ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CZbY0WCcosBVVtasoFj8T1HeHXztuuSQc949goHucx9D-kqMsM-8hTnb87uEk3ZwNlS7SksPv7693eBI6mFJl7ab3prEUUDKyvWouGqMsKU87Msk8

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C08 0
349 B 121ms
61ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13067021055030221438&x=1&ct=77

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK unit_renderer.php Show response
as.euw1.jivox.com/unit/ Frame 8C08 97 KB
26 KB 232ms
65ms Script
application/javascript 54.75.204.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://as.euw1.jivox.com/unit/unit_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=${US_PRIVACY}&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.204.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-204-73.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 1b8e290b30ead72bb60fa0f9be142be299e2251e5d7b8063e9e93efa6cdc5482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Connection: keep-alive
Content-Length: 26391

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 8C08 3 KB
1 KB 38ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 07:03:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame 8C08 20 KB
8 KB 34ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 00:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 00:23:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 8C08 0
0 42ms
40ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNgWIMMAPj_G97ssiDWOAELWG_p6XlBmeu6b-3oepuiKkrwr1gjEZmGnlNnPq2dplrxEnLW5uy39-c1K-s-3v7gqnqLQ
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C08 157 KB
48 KB 140ms
78ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 82FC 624 B
285 B 66ms
62ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNUDK3TJ_Umv4E_cQYu5zjVMUN5V8gLD19m71TgDj4CebNSJP1XBYjBqJOhmoYLF9QBkDF05nteaRd-pUEPiFEdlJDDi7_r5h0d3GcHDgg-ot2hZELy3wM7OwoMV0mqci0chM0utxYaSx_R3HS7gupgEfWLOow

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame FD39 78 KB
27 KB 239ms
181ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27790
x-xss-protection: 0
server: cafe
etag: 3677590245327912432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD39 42 B
107 B 119ms
63ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CANdQx8Xiw_gK95uETvmoexhRpUseGNVvw_otaWAA9GHm4mNefzrnKJ-ak0RzzEsYJgoGy82exWZgyP33Uy8jGMIhAsP-rsC6A_ZmxqmBXJHWe_X4

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD39 0
56 B 141ms
85ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=300243982080267706&x=1&ct=76

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame FD39 3 KB
1 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/window_focus_fy2021.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:03:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1262
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 07:03:20 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/ Frame FD39 20 KB
8 KB 35ms
33ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230216/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 00:23:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Mar 2023 00:23:23 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame FD39 0
0 39ms
36ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_enmwZqPzTydUnBUNiP0BZb5CMvUX8BnR54InRFS8-aJKh6XXc3BJWtxKePz91KqFHcOQESAQn1BfiAK5L5gUMi6sKQ
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD39 157 KB
48 KB 143ms
85ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49018
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1676996822105882"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4CA 15 KB
16 KB 90ms
27ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 14:05:36 GMT
x-content-type-options: nosniff
age: 494326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 14:05:36 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C4CA 16 KB
16 KB 96ms
34ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=zh-TW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.elle.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 16:22:50 GMT
x-content-type-options: nosniff
age: 572492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Feb 2024 16:22:50 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1

43 B
766 B

29ms
29ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNVedOIbSIqmbxqyLbDwnKt53emMdtUQJjvGWAxcA9sIcUsVKD8ctGt2bwmoevjRCRQHuuJd2rxr3qoBPq8aDCaBB1n4I-6BYiceeJXd6zmet9XYErb0qO64N-onB235gDHXO0l3Wjl_bQpTn59rnMy_RqGnuA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8864
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-XDJhRmDMhMo.vqIj7oywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&google_hm=2

43 B
632 B

28ms
28ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNVedOIbSIqmbxqyLbDwnKt53emMdtUQJjvGWAxcA9sIcUsVKD8ctGt2bwmoevjRCRQHuuJd2rxr3qoBPq8aDCaBB1n4I-6BYiceeJXd6zmet9XYErb0qO64N-onB235gDHXO0l3Wjl_bQpTn59rnMy_RqGnuA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8864
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

43 B
1 KB

85ms
35ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNVedOIbSIqmbxqyLbDwnKt53emMdtUQJjvGWAxcA9sIcUsVKD8ctGt2bwmoevjRCRQHuuJd2rxr3qoBPq8aDCaBB1n4I-6BYiceeJXd6zmet9XYErb0qO64N-onB235gDHXO0l3Wjl_bQpTn59rnMy_RqGnuA

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
AN-X-Request-Uuid: 0e926dc8-8259-4d23-96af-32ba0573c661
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8864
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA4NTM3NTI2NjE3Mjg4MDE0

170 B
188 B

44ms
44ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA4NTM3NTI2NjE3Mjg4MDE0

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Feb 2023 07:24:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: c3dd403a-bb3e-4152-a86e-0a0a6ac539f6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA4NTM3NTI2NjE3Mjg4MDE0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 040B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1

43 B
766 B

29ms
28ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNXWkq6wUTjH6nTFHFRb96GtcanW0__dCTIpMl7XNKCkp4FeofdsoJlq3bc0gmkE8KpuVlCHhgiwpulqHlzCwp12VEysomniE7qfDIW2e7bJe9ZXpN9XPtgxaycDaLFuD9o6bwxcttOnTAmtDSUP7-59YyC7_A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 040B
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-XDJhRmDMhMo.vqIj7oywAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&google_hm=2

43 B
766 B

29ms
29ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNXWkq6wUTjH6nTFHFRb96GtcanW0__dCTIpMl7XNKCkp4FeofdsoJlq3bc0gmkE8KpuVlCHhgiwpulqHlzCwp12VEysomniE7qfDIW2e7bJe9ZXpN9XPtgxaycDaLFuD9o6bwxcttOnTAmtDSUP7-59YyC7_A
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 040B
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

43 B
1 KB

106ms
69ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGOG639MBMAE&v=APEucNXWkq6wUTjH6nTFHFRb96GtcanW0__dCTIpMl7XNKCkp4FeofdsoJlq3bc0gmkE8KpuVlCHhgiwpulqHlzCwp12VEysomniE7qfDIW2e7bJe9ZXpN9XPtgxaycDaLFuD9o6bwxcttOnTAmtDSUP7-59YyC7_A

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
AN-X-Request-Uuid: 14b8ae19-6679-47f1-bc3b-3b3e8cb49bca
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 040B
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3OTc2MTI2MjA0OTk1NzY5NQ%3D%3D

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3OTc2MTI2MjA0OTk1NzY5NQ%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Feb 2023 07:24:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 3e0917e2-c08d-4887-a2db-74fee27d6d04
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ3OTc2MTI2MjA0OTk1NzY5NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 82FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1

43 B
632 B

29ms
29ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNUDK3TJ_Umv4E_cQYu5zjVMUN5V8gLD19m71TgDj4CebNSJP1XBYjBqJOhmoYLF9QBkDF05nteaRd-pUEPiFEdlJDDi7_r5h0d3GcHDgg-ot2hZELy3wM7OwoMV0mqci0chM0utxYaSx_R3HS7gupgEfWLOow
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 82FC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y-XDJmp62D7ElQBkbwuibAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1

43 B
632 B

30ms
30ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNUDK3TJ_Umv4E_cQYu5zjVMUN5V8gLD19m71TgDj4CebNSJP1XBYjBqJOhmoYLF9QBkDF05nteaRd-pUEPiFEdlJDDi7_r5h0d3GcHDgg-ot2hZELy3wM7OwoMV0mqci0chM0utxYaSx_R3HS7gupgEfWLOow
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIoq_y4Sv4_Ea-ceLYeJ4uc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 82FC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

43 B
1 KB

88ms
52ms

Image
image/gif

185.89.211.116
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI_HFRC614ABGN2C7d4BMAE&v=APEucNUDK3TJ_Umv4E_cQYu5zjVMUN5V8gLD19m71TgDj4CebNSJP1XBYjBqJOhmoYLF9QBkDF05nteaRd-pUEPiFEdlJDDi7_r5h0d3GcHDgg-ot2hZELy3wM7OwoMV0mqci0chM0utxYaSx_R3HS7gupgEfWLOow

Protocol

HTTP/1.1

Server

185.89.211.116 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
AN-X-Request-Uuid: b336277f-02fd-4766-8eba-1216d2adcf7f
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHzmz9fP7FSgLnp7jhwyJ3s&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 82FC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA4NTM3NTI2NjE3Mjg4MDE0

170 B
188 B

39ms
38ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA4NTM3NTI2NjE3Mjg4MDE0

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Feb 2023 07:24:22 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 84.19.175.183; 84.19.175.183; 956.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: e8d4c701-a64d-4fca-bc7d-0e1c051432cf
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTA4NTM3NTI2NjE3Mjg4MDE0
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame C4CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

42ms
41ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Redirect headers

date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA2 0
56 B 61ms
61ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9795246174593&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA2 0
56 B 62ms
62ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9795246174593&version=m202301230201&ct=76&x=1&cor=5444874355269358000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FFA2 82 KB
34 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaDVHs-MJcURTy6uVXINbKRnrEvDXIu3xunNNAG5FBYKuvqLhPWfSLS1M62Zh-_PPc0L2R8O9KElT1jUwvmvzTGDX_dg&cry=1&dbm_d=AKAmf-A3frjclBAdzPt2cSNxvJ-Fa6PwSAEGxSnF-OS0nn2heIK3TCYx_WC3ZZByFWLZCkHHcZk-_oxWdij5DyvcfNJs347TGEFkQ60Jh9ySYIAVP84usEmqc7PGKj0UGP3BPlm9REAWzDD3KCtgokvJyLDrMffa8LSx5wPzlbs0tQgaTgfB-D8SYBV9RW10CccY8Xyjmn_EiLuKVsj_4J7NMu2rqXCdCTGwi5Nc4XTBf8FS9Nrwp7JZvOATCVGJSvrFXmFBVMf73fXVFNIYXDJCbmUpxpF7RBhm9ZP6HSHH9K0BFGwXC1LgkbUAG-5h3o6Cw9Ttg_sn33zs28EL6Zs0pnLh_20jPprhTf8HuQV4TZSVboCUG4fLOWBkpeJAMjr54HTkWM7if5Yh4rkEE-TDHxPdlago0zhhQ8Bg4RzlCFig3p2TgIhPKsfuxiTHcz3b4OhQ49ZAxcU7HE99TrJ_MqtAJHJPi96AGOzgcc-DfwNAVWo26wd2ybYCZfbOu7Vbzlf7t1caaY-Ds4oiu3Rr_kY7IZZdCKHtDJoYKYIiFzHX_gZioISqOIRgPc_WdRsMaJKURN1-5lIaCGwWcGRX6r4elffp4uYSLL2m66V22NSV8-D0iIKUh-YOAhRkO_kT8EhlkCMvwNs5C-8JwhmbJQ6ISi2kqvYcdP7WAa6KYpwvX9IB_5XVPpPuCpm0RRS7dKjwcBVV7ebGV72DzWEluZR163sGES1yIiYV7eaWvTQLVHM0bdTAtPyH5Lm_iBEZaJseh8Ut5BZei3AqXSISBKQd7AWauLkZyiAqIuHvKRfHpopDf-_zPDRmYyXxniu5nA0PUbEkxnQSgsB7LmLyQnrPd-0WVNyK87xnCiWcgasgf743kR9Z0TAAWLws8m3BCQFICJVKUQY-9mMER33yoIbXaYwO-pBrvvnwYc645PI33xu_AAytqrOSpe4tfgu6Zhx22r2Rc5rGro42DFbkmxHL0hZoigcrk04YgZMks3WzaP-h10CXWhT4csIgedCCUnCPNKiGgTZD64HuPUovnyJC039m19Zx6Cx2043ppWgTzJOUvGN-wc2YpcJF4leY0e7TkNWO_ji8hpYnSu4WZwuZK8m_ofRFZdxsZBj1ZmB7E8tMbTN2ian94NMX_OSJy5eG17JbohBzNO1Gqvd5vs6RNaeeUowLy5NIY6wqa9sZ4ze0jc8nFndoocblL5kKpLrYQ77mAj6XykF9NIoYSaxe4eC6MEPYkt6hVPLWFwzlL6vCP0YaueDGjWf8SZiHUOMOl8inOc_vAoDW2uV4lICj7lN920Ok8sMKJVAHrbHMJSaW4nckgH-D7l-OtCCqS252DMWqnBe_4vor3NdCSNfMLpL1LG7hk2NydcIcg6Mjh4HOZXp5o_YiPK3Y6QJZUI55GqLL2_yoeWLRYyQmmkArIMjh9LN-nr-Tc9DxgkTwXXG2JbGwEmunQsWV2zb1P9Wc_Qax_L88BUzC2GGjtnd8ciQrIwMxsOTf86uaGF9SM5o-Av87oM-rySjWptXV300SSqztS8e7yHqSVUMcCSNCtL5XMedb9j87svU7woXIulM5noonCXisSOP0CIO7riO-Tgnq6Ne9jFyR63UodctZHaI-Lyo8M8MTbwBaHgBgHhjhohw5INGOaNumiDNRrBgxZ025FCjr8i5chWmn8gC7hOZEVViw5Nn5b_7IAyy2tv9vbdzk2umTrSOiP1pcdj5cB_ZDZ9Xyd4MbKs1hTwkIoTYQGbbD86qgf2doIrfqnD4roJ46ZDCAbx63SOKPodIzAMiGMJUHyCxOXbPlE88cxGaQffys89lmR7ZTOmHmXz-AMke4DCFS7n7wEOATbWHB4lhqqp5_djTZIvCnIuQNke5fSeogGiT_3UpMyNqQ9KQqfLskwl119JO8GC4-vuxYtQzDIy8Y_e6vACQfSDSXzrdNr1ZAcp-IjPYhXoRmGCduWhnLDYc9_r_LPPaCo7eqnatbtXhcfYi8u39ymB1iHbjQFPwrgKNWLVcecDxBpGym0bTJhZbCcGJLOlybXkEK9mZO7XNXHm-AtSqIY8C0JZHP8BOOvuIWu9rMConK1mX8ask1qs46CO0a-oOELkSrqUkcMCIyaAp04J9dtkOPRNiZlpkOW3w6KK_hbfspIvsUEXMXacjHLUb9wr2CNsFpj1vwql-FXyMnsEiuLYGXIlXhzrligpA07ppfcbnl_xR8vpdZciNOMxDUXXuCjw8_zVjbO0eP5uPGCtAU10qEnoa3rOckKR8IshUHSgBQBa9ROtF6JlYF-26acXJRjfbhTpXi7Rxaz-hG5th7NxKOYQHwZJb2vXadYgtMGfwFiIPohyGh3zGtHAd0MVzkd3QxWsiQ2wrotp2ULiQ90aMPSWVArKHhQlYg3lBOKqQfK06JpbEKZt9_z0sLdgx4brykoQJp1YB9ujj95sM4qeIetrVoF8opf4_jhdvK9pQvQ9af3gHkhX-uFPkL6A9IUjyxljKmWLG4vchEpVRYJKWBjbMLg5LWFS8YPgc-vJQaQg5NwEdbo-KJN4GcFYvKoyvLOl771L20PQjmFjnB-jYtx5vAJ-hAIU-0sAiY9XISMPMahtpoNMsHrATLTLcuGGHPGrkfPKHzVHqN3xedUWLoH8OEaB9YtS0vJIhb-mUaMyCOe3BNlqKA3nKDn9OEHuA7xAWOgFTGEtE3nmNE5s6JMRUkI58qnbkJ4Wd1-LnXlcbex2Sql3bS6KHTupuqW8e9aErs43aDrA6kQJNOvv9o16t-nMTGMUNIUr24709nvDEfT5IHQUyQe6IuiyxmX9A7gH5FDGSw-TZamyLNPRVXATrjk2EDrr7rfZMruACoa9eRR5-jeXKNFyk6s9KUd_Nor7pLXTqgmYn0XH2TnI1UVSRAMLeleEwUY5AOrBRRlnhaHrFHxHFYACakzkaPEhez4XBX7C5Ms-7Z44AScjd6pfiXUS7xDKcX-lhjO8q-GfLjX0xMXcXP9tfop4Ci4B1_5TJc6rU4NgBztKSAjgOVGkYC1A6OwgsNi0aUmaID5pCyfAiVe43vAvMSZEMK0ttPYuOqKtNqr2-y8CqlNbU2LGNnVs92DqDrJE43W80yP265xvG_nzwMxSSeqi1bcj9Re3MeQHilbu89ykHbSidoJURD3sUy3nojwaZU4bAak-7tgrefZ91wmgq-zKCtG_gSsoaK&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ds=l&xdt=1&iif=1&cor=5444874355269358000&adk=250412560&idt=195&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77c01782662a013a12854fb986af14d59288243bc8dc37e032b2bceacb970437

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35103
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD39 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9497284706453&version=m202301230201

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD39 0
20 B 66ms
66ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9497284706453&version=m202301230201&ct=76&x=1&cor=300243982080267700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FD39 81 KB
34 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D71eEnwX_gl27wkq15E0AjZNrsj3G3phH221yEEwTkc34EvF-E0_KRBiUdY8N5vRRGopDJxXdSei6D8SUyJkEnkcYnFg&cry=1&dbm_d=AKAmf-AKQjNvuN9gacBUPOAtokVCr72ZL4Q06_NGgIxLe-s1jKplZHvffnVXCOZ4MDgW9K_DMYtGxInpq-1n4jTHf5vzUPUvi5CHr8yXj8Go3Mg5y-RZWmiweqcbGemMfC253C8CujTdx_BNLOivwP8Q57xlcxUXS57q6wE4LeUPlieBS9ok4QWX_ueoVscVFzCyRVH5UgMlPCTqFI9qy-kW4iJ76uEGdfg5yxBIaLribwds43khqTuDDnvAGe_5iTFsUVWMXg_ouV5zOVwZI03ntMlw5Nlu5sq6DuL4Q3DqBhGaF4rRgTQsPpPX_xIzuolnxuKYDN0Hgyj0CjU4Zi8HQBHeGKz9ZaX6yl7GnAnA994suDhO_hxMxUjB0MTe2OrDb8GSqUB4tT4sViOa9lNm4_QhT7jyHCAKPnMNvKLXKhq5ch3JtggYcZiSizPHoAnjmt-Oy_ypkiSXRttv5DTtK_MQkcHnziG9QfdU9eankiTif3znv8-JHkLuIJJvr8sa1frmocaeUp5FZtQm8PHnxcLj2ecATxO9gixDDXrr5tzBSpPHXqh_N_EUXujWE4d-6SL09JMGHzR_wcdsEbzJcpp5aYH1Crou4uSYNyuZYKYj4_6GzqnAF7PKhuv-FAeY3dASLB_6tmYdGMJrhtYtJcFaLeSwhziz0ERhEUOZSwfc0RorKrEdU7KT3BupcP-8VpCXT-sQh43UeLM31AbgYWVejWAhf328S6LYNEEI4SlVb_5glA1EclrdlZE2VqJggsGiYUXfEGQbmitAZpptFStY7IgmhAsXUY0Zj-3ANHn9nESEPHDCUaOAVLNTW2SnmsBpVPhgk0XE0hcteIoeu6Hr-C4Hq4TLFG3j7PKSYWGArNzKpc6uiACxz2Rubb2KQZQNyaV7NMRULrpqVSWkRBu9mBYoO36d_bNNlyiaL7FTQh4r6Kezs0oseBMWGdpf07gjfqXVQI-AuenG4rj7ckBls6tsDWFi3Txlfcru1ijWKs-GBNFemgCT9cN7uKsmzSixX8IK1s4r4XdXi1Wl7VjLtFmh5je5Bp2fXIx0CT5HfIb3arzoXlDoT-eLmY7aIL9Bu3M4FYGvASRkTeJYcZq40GXBROs71NXGca-4YPHJ2Mlsj1ll48Qal7swe2Dtfx2Efld4wS1oZnNozr2ckm0_kMmwf59hYiw44XXsnx1K7JIs3Q1kgAbJmd1CtWkHwM0naJcFn79EOgkXet1iC1sV46rqIX4zUCv_yqz4wKG0K99zbTjMCYMGI42S5CFaMSo0iFGoyhiQuZS0skLpubd--dXPpfwWr38Vgn-fv-juS34A9Te9K13Wy8KAubZ0PouNePn2UwESMxPB33H7IZz5ZxhZkXPAVut6FXLZfO2NQ1VAkm5s6otM7yka3o99Y7Evo3Yoa5lhT0qyH7QHWB6cpZkkrZqh9aIubw6jlFHzPSJJYhuNB1y8VclVc4FrxoXETM7-L3ZF8BE_pbFuKpyWUu64MU1COEbjF56fw-FZOkJ5Wx-6GxomL8eiKj4rC3lsL5-ch-f1-N2Kv9qjLMS1j7XWcHpOlD1EFlLkQDuNGE9LM1JKpCD7BrxdI_Y3Ns1GYr225xssWcTNtWHiRbH4UkHW_TMph97lWDVDyHrPXTu5Yk8eC4ZzGGVSrKdK9pOGD6a95RkBYe7T2v96XY2Kqzc-gc8dKpSjO_pWHWA7C6skY2wtMfJHdklEqGcDZnTV2lWBIJPnminIuT9GgenLOj1qTJWf6v_DGyWk6n1bsGIUEQcbdNjag6aQJ6yETZemJERxKm_OOXuCnNCbRgDiycWIvfknHdbhu-5NgWGuYnHjwHUP45mffSo0OcbPcOKYdtuBxgoPb_OnBvWxDcJ4tuuHy_U8d3ETqI6n1v-eGTHaKPRAjyNrauJ-zzPgZlDYWb_nG3tSSQ_wkoUzG9p5Ev-lvWZ7JvfZVQosXYa1ucE4lZZ-3DLepE5JKrtbU93QVujs9stWx_Lg2SHZFxd1JXWnv1ewwa4KyHcjWZs4vlXl50uxcSZNUm7TmYWPgt6pW8YcwFePUwSSvKqtQsefiQpKaHP2LC89_YUSArPia7NDYJafmol3K4xGHpb8P6WyKiAzTq7THpUgjJ3cHEcXUN85bRgYWe6Mh48mkfzcIjbnfaDblpvrXnDgWxz0HE0wPugv5EuAMxn8qgSsoHxEzWaaCF5MP6EHIZu2nvm6HOMQSpL_O8aK5Xb1l2A_bIQSJEDWdP7slJQCSSLx37CvooYpmqBUYst2tJz5GVKlem197ESyU3TbWaeBGmSYUCI1sddb_1KfTek2IJ2aZD99zRDc43Wg3ZEYTnnUmD5GoipfVlfYG5s_Ftqlo7vJJctJECmETecsSA79E96dIQhYAD3feo4F7mmWdEXxJAi9vZl4RVuT_4Wjbpea_jz0bj6HqpZCGkdJLFH5mD3NzWR2HwaOqfAW0pVLbvjpvfdrLoqLBDMjuQjT3tt8y7ZD0hGaZuABb3KTJBbyt-yxTGNNM3ak0i2iRxKhGjDS2RVpv1BzckgFhgLWmJbsCovLxloMBfpSNmF6mbCYlWx0_lVte_JEkkMzKQ_nT7xsjQNNieTAJOasimPT-79_e9DvgZl3pAfAx346rzy2zQnZNNQ1MGgP5NLYtp236paU5oSYGMg0XnIPh-Xikdu4ht-N6HpfV4yBAU_8I0k3jsEUsL-F7Gj3j8zvZNQH_-7b93MKBg_LmpVUH-VJif7e2lAJ56V9Jtu6DVmJuRxG1zrE7dkoHVrpwjfVdfB36duz-SAB-a6MSiVRznm5agjjsOcE-EipYdR8KjDqVacxmgcaKR9ofR1XxXMZ6t88xLFqJsuGKBQeShBS60XFQqR7NHjFLWCqxNj8jdc8_-kPnJrR5k3IkiNbiEie4YEK5mgX-6yDx7Lsp8WclDCiJL69SdAz61APJdxrBZBlXzZzWeclFvIArOqKt3fY7EXx_qCkyaigm49yGOMzhMDDqrm6y5eysCyK4oNC_pF1u2uroDCi6Yu25iHZIlIwophtW_seKdl6Fy7QoRI0uFLEjIQvgY80_MgJXcfAXr6Ms2vnL9leSMFu0jdhy5FP8EjCuhxioxi7pp93D-8CuKfXMbVsu1RyQlcrJxumz4nhu4MajGedDAIUuHZ26O8L7jFtfwrmC1YWkIbGWAIr7sESbiqTuOr36UWJdi5F&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ds=l&xdt=1&iif=1&cor=300243982080267700&adk=3047537735&idt=253&cac=0&dtd=3

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e645fbc4be540984816b9a54cb0b20f647aef754472bd7caa4cdc7ea71f38b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35109
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C08 0
20 B 61ms
60ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6027541386228&version=m202301300101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C08 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6027541386228&version=m202301300101&ct=77&x=1&cor=13067021055030220000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8C08 28 KB
16 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaVmYNOrGhLLs2MD9W_h8vzWiHO3moLvJxmId1erSzaHMCDS78_5ErmW1Hf5m_SFiy7eaPb2UNo7pOWa6SpTmedm27lkT2W95lbZR7NMSD_z97k5Y9EjyDzn2ST9Efe_14MeVvldX4o-IhypMxCgCFQbimKbGEpqoGYdxCYuHARB1S15o&cry=1&dbm_d=AKAmf-BsCWD4GeJ2XvRMjsunoFtO0se-0BEDjbdeBTOxMoYCm6mMNwCaWEXkagU4P6iNGuVagQnxHWJkV3I3Ofs8plxHBrwxmms63a2tpBOFiKnw2QUJCvDwyA99CcLecvIPwtcY2BRdEZKuzcX162FKcb23rZC3HuDUQVbgA8VCaNIHAxZnsNxL7DU8Hh4G2lcWUM17lQRp11XsXcPqpBPGCETIsW6ifXZvqHfaVwmIJXJ-hoDYPJgIFSsZAh7q6Poea3Ko8sFOyMwIsM3n4pzMF5REibunlXiMfZOIb7mOtH2QInCh0aLULIvb8-xIuJpibyyx66Q1S8P0DzaHaj9xJqavwIwCkrwXxAmvEIUYIiZabtr8ctwi5J2g74nDgpQdtjtyP5nBfQYVCyj6ElLJzv6mqkfskF4gfKmZDhKxF7nu08A2ynNuLZxRpxNmMetrSDkWpOV3Q7dAr3ZGjFuKYpwwvJ1W3beIrQOOryWUo3V1W12CKlGnBULiNnTFAS48QVwH-nqP3LUXFxgpE1A-UDfIdgErHWJYTob5pEVtSYdpRmhaJQ6YLSfzAHwXYqcuqqXn8_qGZoqMXz_Ri9BRIVpc5VdXxVs-VgKoU1kPLGSEdU69Xn7mgd7OlHG3xeQvpKBtA8W4Xbi4WUP4WwmLWd4pzru7bno2NjX275roa6dJf882jaqrdL3ysnegblQuM9yRL1uA726-0sG-0yBO-OjbibL9hFe95ggSpG6gF7FeRIOJvvA-uzbgKZXW9ChKCmc9bYwykPlQuOObAUFb8oi_VZxT5XDREArs3F2NAkZBY_ZHFdk2kmjcglIJBZzFbYUrZFx6MToeSC8Vb1_DiSzXnp3VOmEsyZGfZCok2srfPaaJMOc1gRtl-YcfhpUYUO3RIlLGLJQnP30hM1KsHwLHtIElBBWF8EtGM78FMNj8TxB6Jkyp7GWPhFRRdkzOJEEi-IM5kwGLwRKr23R-epOd1xU-jEXmWKGo4qchMN9fztmofM1SrPu8Xar0rYEfXXjryQB-l5nD9oBbh43gp0Oc9Ism0A57tzMPluJbVNzxh7pQETqC__OXKftyj36v84E0gf5DuSjtoWtuGCWG_l9LqTVV2c124YDoIlB4Pdq3G4n7VaGneALNeYZ6ySYW0xhyLZz5D26UfpL6Pkm2zLGopNIrVbwuJcQ4betbjdFo0W8jy6NABBSXyWLrbJPcdWScHVN4OAgqfOZosw78NdAN12iX3njroLwz0fikX0imRdctzc-chKgXV1U6s4e5isteSahTTX3qRZv8bpnvBZjr8hK4wV_SW9yYfQolgxLWby7Fa2jy44y7sAszcU2Z9qhZWxSVW2MuzcEC9_JDCOzCgPL5uwS4kiInUm0zrT1P566sgN1MsrwWs3Ym9iqQOwIVjRZydvchbg-cdt7NneCoN8JlXgONInFJX0A0aPvZxPcbF1RsOgdXX8O48UFEdMlQ0nIEdd-8Ptj3Ch5Tk_yD7oEYhfxgB-VnwAHnzBe1DR9qm1qkIzWbd4Z7i0labc_bInd357A_NCHk9VOO1SXzU3EWDRbBtuJZSCJ417u-S_Z9QqwyqNikniNbx3j6DodsFbDfLZMfcYtbT9R0_PBYhtP4mR1vu_UrkcbBrs28jTqsozKmrmCIeZ7dVF1oPF794CD4S6-cuwmci2QpImnf0VgI3ZBRNcLghL9xgnv7wgXLzleoyMTUCCcJi1zX-MPuAaQ_Dys3FJWzs25XGJZ0Nq2tJwQqElE5V4b0qUEoHkhpdt50QL2C_x27I7OLmvd03J8k6h_TRt6dsuOJbxriIq8gKq3HpwGV0olt4GhgRTMs_COPZif5OSaUJKdDjJo9FKZqzLtaVdmGtGN3-q5rodmWrUMteHoNLnbWGSALJcC7iCjsU_kCjrUL44PjMWUsLqbkJCKEa3TmqZuarAtK_GQZYlhzSkdhUHjvT5CARqwMJmk1p04LmkuF1C_PkxWd4pth__IBuTVfWKzriWy5JX70UTMDDA_gp5SdGgg-dJKlIdNd3JFfWVHk9nO8jc8sbrcjtZKh9J-aosui53fsA8vglzIVb0SXbca5JwZUad222YYLZl-Ag4Po3YaL1ROyVb5QBop1K6_puVk_jzqa-8NwFtjI8MuvuxyP6XdJeWOiYHlG-RlEPTAFQK76DVLTX5AulceNQ2Hlzqo2kMYhBlP8uKXGuMUOknRVZOqqX72NuHiKacVuUXYUunM23H8Ldv5R61VkQiU1Omly904y_vUdvtsufNPNSxeAzlLBOON63zK3whDmVP5PFpPZloLUirbRWtDVI5Re-g5s1PUOUwaq5MEx7BgPBrGLN1u4WHKjrADwgQ04JCynvHoH8RxxYYrIdM4FgCIubzoxmEksGcnlu81ULDU26ER2srIz4peZnrLP4aNIZ243VWDPlyeKGHGuxkjZG9n06YKDb6Sobt5MXfTt-hgkIU0cE_hZf1V8nVf-aYA8QyxPEJR9QFIh1DCpIqCQMXjBlh0OMWBeP_TDyNXw-Dc-mvfbvqLoF2qhmTJjf7pVFzaOeplaerGymUNEFPsphlXE8tmURd3edmhPeqedc6lgiY-B6YfLSVcnRf7m8I6AAlXr36a2AukPd2djr2tDj3cCnNUYhq9eQqlxT8SrOb7n9GiLCA9EHGe1ze6GEqh8Vz6n2MWRsn5wQG5pGDCx16Og1JCkYidjyCMby7m2SoCwwlGquZ4tL3Ny1Z7pStUy6tfVtxbndYBKcrcKkU5qx64zLYcej6Y3_ttWWmjrzrE0Y8P98XEe8YNmMubo_SncV6E-lgSoR_LzcN_kFH2E9tG1RAWwKUGf2EbeGH4fV2bffBZ_XPrcfjgdqKG_qZnvjUSy3Wjg0OO9JZ4Ir1nOhG1YimhIZwvuo5S-FDgypTK53w1_7H0uu9JJTiE0sD0pNEEosoNWVGwOZzijwh0D91Re2LCV3xBWROPyT8vzW0EzZ1pO3I4hdrJR94RsvqzSs_ZIdUyTetKi2Q9kpMC1nasIMcZJ39MCEwsWtT-8ZnNOhgyCBuym6dNiea-F-4OsvA3NDzKbYEl1Pncical3f2Dir85pDXF3BzBBdSh956jY2yotRy0vTdjhz7Zed-r9J81w7ZGIXYzd1OQ7ji2hTbVubJtF7CJJ7kZfrHr4QOIQrP7ageTz2Qak_2ic5AI1stlFcQNNPzRbwI-DtloYUUkV2NYwq9DF19HT-MP3rEij8r_s0y1vc-g2XICmEKNG0aC6Pem2lB-AE_Fi3YrpoSLDr3NlcIQaEB8Q5A&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ds=l&xdt=1&iif=1&cor=13067021055030220000&adk=2228999115&idt=272&cac=0&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e987e62ee6ab29488066902cc5abc517d83cdfe87eefd7b061bf81129d782e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16865
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FFA2 170 KB
59 KB 89ms
28ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Origin: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 11:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70727
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 11:45:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/ Frame FFA2 8 KB
3 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaDVHs-MJcURTy6uVXINbKRnrEvDXIu3xunNNAG5FBYKuvqLhPWfSLS1M62Zh-_PPc0L2R8O9KElT1jUwvmvzTGDX_dg&cry=1&dbm_d=AKAmf-A3frjclBAdzPt2cSNxvJ-Fa6PwSAEGxSnF-OS0nn2heIK3TCYx_WC3ZZByFWLZCkHHcZk-_oxWdij5DyvcfNJs347TGEFkQ60Jh9ySYIAVP84usEmqc7PGKj0UGP3BPlm9REAWzDD3KCtgokvJyLDrMffa8LSx5wPzlbs0tQgaTgfB-D8SYBV9RW10CccY8Xyjmn_EiLuKVsj_4J7NMu2rqXCdCTGwi5Nc4XTBf8FS9Nrwp7JZvOATCVGJSvrFXmFBVMf73fXVFNIYXDJCbmUpxpF7RBhm9ZP6HSHH9K0BFGwXC1LgkbUAG-5h3o6Cw9Ttg_sn33zs28EL6Zs0pnLh_20jPprhTf8HuQV4TZSVboCUG4fLOWBkpeJAMjr54HTkWM7if5Yh4rkEE-TDHxPdlago0zhhQ8Bg4RzlCFig3p2TgIhPKsfuxiTHcz3b4OhQ49ZAxcU7HE99TrJ_MqtAJHJPi96AGOzgcc-DfwNAVWo26wd2ybYCZfbOu7Vbzlf7t1caaY-Ds4oiu3Rr_kY7IZZdCKHtDJoYKYIiFzHX_gZioISqOIRgPc_WdRsMaJKURN1-5lIaCGwWcGRX6r4elffp4uYSLL2m66V22NSV8-D0iIKUh-YOAhRkO_kT8EhlkCMvwNs5C-8JwhmbJQ6ISi2kqvYcdP7WAa6KYpwvX9IB_5XVPpPuCpm0RRS7dKjwcBVV7ebGV72DzWEluZR163sGES1yIiYV7eaWvTQLVHM0bdTAtPyH5Lm_iBEZaJseh8Ut5BZei3AqXSISBKQd7AWauLkZyiAqIuHvKRfHpopDf-_zPDRmYyXxniu5nA0PUbEkxnQSgsB7LmLyQnrPd-0WVNyK87xnCiWcgasgf743kR9Z0TAAWLws8m3BCQFICJVKUQY-9mMER33yoIbXaYwO-pBrvvnwYc645PI33xu_AAytqrOSpe4tfgu6Zhx22r2Rc5rGro42DFbkmxHL0hZoigcrk04YgZMks3WzaP-h10CXWhT4csIgedCCUnCPNKiGgTZD64HuPUovnyJC039m19Zx6Cx2043ppWgTzJOUvGN-wc2YpcJF4leY0e7TkNWO_ji8hpYnSu4WZwuZK8m_ofRFZdxsZBj1ZmB7E8tMbTN2ian94NMX_OSJy5eG17JbohBzNO1Gqvd5vs6RNaeeUowLy5NIY6wqa9sZ4ze0jc8nFndoocblL5kKpLrYQ77mAj6XykF9NIoYSaxe4eC6MEPYkt6hVPLWFwzlL6vCP0YaueDGjWf8SZiHUOMOl8inOc_vAoDW2uV4lICj7lN920Ok8sMKJVAHrbHMJSaW4nckgH-D7l-OtCCqS252DMWqnBe_4vor3NdCSNfMLpL1LG7hk2NydcIcg6Mjh4HOZXp5o_YiPK3Y6QJZUI55GqLL2_yoeWLRYyQmmkArIMjh9LN-nr-Tc9DxgkTwXXG2JbGwEmunQsWV2zb1P9Wc_Qax_L88BUzC2GGjtnd8ciQrIwMxsOTf86uaGF9SM5o-Av87oM-rySjWptXV300SSqztS8e7yHqSVUMcCSNCtL5XMedb9j87svU7woXIulM5noonCXisSOP0CIO7riO-Tgnq6Ne9jFyR63UodctZHaI-Lyo8M8MTbwBaHgBgHhjhohw5INGOaNumiDNRrBgxZ025FCjr8i5chWmn8gC7hOZEVViw5Nn5b_7IAyy2tv9vbdzk2umTrSOiP1pcdj5cB_ZDZ9Xyd4MbKs1hTwkIoTYQGbbD86qgf2doIrfqnD4roJ46ZDCAbx63SOKPodIzAMiGMJUHyCxOXbPlE88cxGaQffys89lmR7ZTOmHmXz-AMke4DCFS7n7wEOATbWHB4lhqqp5_djTZIvCnIuQNke5fSeogGiT_3UpMyNqQ9KQqfLskwl119JO8GC4-vuxYtQzDIy8Y_e6vACQfSDSXzrdNr1ZAcp-IjPYhXoRmGCduWhnLDYc9_r_LPPaCo7eqnatbtXhcfYi8u39ymB1iHbjQFPwrgKNWLVcecDxBpGym0bTJhZbCcGJLOlybXkEK9mZO7XNXHm-AtSqIY8C0JZHP8BOOvuIWu9rMConK1mX8ask1qs46CO0a-oOELkSrqUkcMCIyaAp04J9dtkOPRNiZlpkOW3w6KK_hbfspIvsUEXMXacjHLUb9wr2CNsFpj1vwql-FXyMnsEiuLYGXIlXhzrligpA07ppfcbnl_xR8vpdZciNOMxDUXXuCjw8_zVjbO0eP5uPGCtAU10qEnoa3rOckKR8IshUHSgBQBa9ROtF6JlYF-26acXJRjfbhTpXi7Rxaz-hG5th7NxKOYQHwZJb2vXadYgtMGfwFiIPohyGh3zGtHAd0MVzkd3QxWsiQ2wrotp2ULiQ90aMPSWVArKHhQlYg3lBOKqQfK06JpbEKZt9_z0sLdgx4brykoQJp1YB9ujj95sM4qeIetrVoF8opf4_jhdvK9pQvQ9af3gHkhX-uFPkL6A9IUjyxljKmWLG4vchEpVRYJKWBjbMLg5LWFS8YPgc-vJQaQg5NwEdbo-KJN4GcFYvKoyvLOl771L20PQjmFjnB-jYtx5vAJ-hAIU-0sAiY9XISMPMahtpoNMsHrATLTLcuGGHPGrkfPKHzVHqN3xedUWLoH8OEaB9YtS0vJIhb-mUaMyCOe3BNlqKA3nKDn9OEHuA7xAWOgFTGEtE3nmNE5s6JMRUkI58qnbkJ4Wd1-LnXlcbex2Sql3bS6KHTupuqW8e9aErs43aDrA6kQJNOvv9o16t-nMTGMUNIUr24709nvDEfT5IHQUyQe6IuiyxmX9A7gH5FDGSw-TZamyLNPRVXATrjk2EDrr7rfZMruACoa9eRR5-jeXKNFyk6s9KUd_Nor7pLXTqgmYn0XH2TnI1UVSRAMLeleEwUY5AOrBRRlnhaHrFHxHFYACakzkaPEhez4XBX7C5Ms-7Z44AScjd6pfiXUS7xDKcX-lhjO8q-GfLjX0xMXcXP9tfop4Ci4B1_5TJc6rU4NgBztKSAjgOVGkYC1A6OwgsNi0aUmaID5pCyfAiVe43vAvMSZEMK0ttPYuOqKtNqr2-y8CqlNbU2LGNnVs92DqDrJE43W80yP265xvG_nzwMxSSeqi1bcj9Re3MeQHilbu89ykHbSidoJURD3sUy3nojwaZU4bAak-7tgrefZ91wmgq-zKCtG_gSsoaK&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ds=l&xdt=1&iif=1&cor=5444874355269358000&adk=250412560&idt=195&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:11:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame FFA2 28 KB
11 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139c36234c15d74808b6156ef8e3d533a4a2dfd4ea6447428091ad4b6916b8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10784
x-xss-protection: 0
server: cafe
etag: 15652644324719269315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:13:46 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FFA2 41 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Feb 2024 13:42:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F0A9 1 KB
643 B 27ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Wed, 22 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FFA2 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c509dc9b9b6783d948fa18e618b59ae8cc594740d22a50772f84545c9a0c15e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame FD39 170 KB
59 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Origin: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 11:45:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70727
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 11:45:35 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/ Frame FD39 8 KB
3 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D71eEnwX_gl27wkq15E0AjZNrsj3G3phH221yEEwTkc34EvF-E0_KRBiUdY8N5vRRGopDJxXdSei6D8SUyJkEnkcYnFg&cry=1&dbm_d=AKAmf-AKQjNvuN9gacBUPOAtokVCr72ZL4Q06_NGgIxLe-s1jKplZHvffnVXCOZ4MDgW9K_DMYtGxInpq-1n4jTHf5vzUPUvi5CHr8yXj8Go3Mg5y-RZWmiweqcbGemMfC253C8CujTdx_BNLOivwP8Q57xlcxUXS57q6wE4LeUPlieBS9ok4QWX_ueoVscVFzCyRVH5UgMlPCTqFI9qy-kW4iJ76uEGdfg5yxBIaLribwds43khqTuDDnvAGe_5iTFsUVWMXg_ouV5zOVwZI03ntMlw5Nlu5sq6DuL4Q3DqBhGaF4rRgTQsPpPX_xIzuolnxuKYDN0Hgyj0CjU4Zi8HQBHeGKz9ZaX6yl7GnAnA994suDhO_hxMxUjB0MTe2OrDb8GSqUB4tT4sViOa9lNm4_QhT7jyHCAKPnMNvKLXKhq5ch3JtggYcZiSizPHoAnjmt-Oy_ypkiSXRttv5DTtK_MQkcHnziG9QfdU9eankiTif3znv8-JHkLuIJJvr8sa1frmocaeUp5FZtQm8PHnxcLj2ecATxO9gixDDXrr5tzBSpPHXqh_N_EUXujWE4d-6SL09JMGHzR_wcdsEbzJcpp5aYH1Crou4uSYNyuZYKYj4_6GzqnAF7PKhuv-FAeY3dASLB_6tmYdGMJrhtYtJcFaLeSwhziz0ERhEUOZSwfc0RorKrEdU7KT3BupcP-8VpCXT-sQh43UeLM31AbgYWVejWAhf328S6LYNEEI4SlVb_5glA1EclrdlZE2VqJggsGiYUXfEGQbmitAZpptFStY7IgmhAsXUY0Zj-3ANHn9nESEPHDCUaOAVLNTW2SnmsBpVPhgk0XE0hcteIoeu6Hr-C4Hq4TLFG3j7PKSYWGArNzKpc6uiACxz2Rubb2KQZQNyaV7NMRULrpqVSWkRBu9mBYoO36d_bNNlyiaL7FTQh4r6Kezs0oseBMWGdpf07gjfqXVQI-AuenG4rj7ckBls6tsDWFi3Txlfcru1ijWKs-GBNFemgCT9cN7uKsmzSixX8IK1s4r4XdXi1Wl7VjLtFmh5je5Bp2fXIx0CT5HfIb3arzoXlDoT-eLmY7aIL9Bu3M4FYGvASRkTeJYcZq40GXBROs71NXGca-4YPHJ2Mlsj1ll48Qal7swe2Dtfx2Efld4wS1oZnNozr2ckm0_kMmwf59hYiw44XXsnx1K7JIs3Q1kgAbJmd1CtWkHwM0naJcFn79EOgkXet1iC1sV46rqIX4zUCv_yqz4wKG0K99zbTjMCYMGI42S5CFaMSo0iFGoyhiQuZS0skLpubd--dXPpfwWr38Vgn-fv-juS34A9Te9K13Wy8KAubZ0PouNePn2UwESMxPB33H7IZz5ZxhZkXPAVut6FXLZfO2NQ1VAkm5s6otM7yka3o99Y7Evo3Yoa5lhT0qyH7QHWB6cpZkkrZqh9aIubw6jlFHzPSJJYhuNB1y8VclVc4FrxoXETM7-L3ZF8BE_pbFuKpyWUu64MU1COEbjF56fw-FZOkJ5Wx-6GxomL8eiKj4rC3lsL5-ch-f1-N2Kv9qjLMS1j7XWcHpOlD1EFlLkQDuNGE9LM1JKpCD7BrxdI_Y3Ns1GYr225xssWcTNtWHiRbH4UkHW_TMph97lWDVDyHrPXTu5Yk8eC4ZzGGVSrKdK9pOGD6a95RkBYe7T2v96XY2Kqzc-gc8dKpSjO_pWHWA7C6skY2wtMfJHdklEqGcDZnTV2lWBIJPnminIuT9GgenLOj1qTJWf6v_DGyWk6n1bsGIUEQcbdNjag6aQJ6yETZemJERxKm_OOXuCnNCbRgDiycWIvfknHdbhu-5NgWGuYnHjwHUP45mffSo0OcbPcOKYdtuBxgoPb_OnBvWxDcJ4tuuHy_U8d3ETqI6n1v-eGTHaKPRAjyNrauJ-zzPgZlDYWb_nG3tSSQ_wkoUzG9p5Ev-lvWZ7JvfZVQosXYa1ucE4lZZ-3DLepE5JKrtbU93QVujs9stWx_Lg2SHZFxd1JXWnv1ewwa4KyHcjWZs4vlXl50uxcSZNUm7TmYWPgt6pW8YcwFePUwSSvKqtQsefiQpKaHP2LC89_YUSArPia7NDYJafmol3K4xGHpb8P6WyKiAzTq7THpUgjJ3cHEcXUN85bRgYWe6Mh48mkfzcIjbnfaDblpvrXnDgWxz0HE0wPugv5EuAMxn8qgSsoHxEzWaaCF5MP6EHIZu2nvm6HOMQSpL_O8aK5Xb1l2A_bIQSJEDWdP7slJQCSSLx37CvooYpmqBUYst2tJz5GVKlem197ESyU3TbWaeBGmSYUCI1sddb_1KfTek2IJ2aZD99zRDc43Wg3ZEYTnnUmD5GoipfVlfYG5s_Ftqlo7vJJctJECmETecsSA79E96dIQhYAD3feo4F7mmWdEXxJAi9vZl4RVuT_4Wjbpea_jz0bj6HqpZCGkdJLFH5mD3NzWR2HwaOqfAW0pVLbvjpvfdrLoqLBDMjuQjT3tt8y7ZD0hGaZuABb3KTJBbyt-yxTGNNM3ak0i2iRxKhGjDS2RVpv1BzckgFhgLWmJbsCovLxloMBfpSNmF6mbCYlWx0_lVte_JEkkMzKQ_nT7xsjQNNieTAJOasimPT-79_e9DvgZl3pAfAx346rzy2zQnZNNQ1MGgP5NLYtp236paU5oSYGMg0XnIPh-Xikdu4ht-N6HpfV4yBAU_8I0k3jsEUsL-F7Gj3j8zvZNQH_-7b93MKBg_LmpVUH-VJif7e2lAJ56V9Jtu6DVmJuRxG1zrE7dkoHVrpwjfVdfB36duz-SAB-a6MSiVRznm5agjjsOcE-EipYdR8KjDqVacxmgcaKR9ofR1XxXMZ6t88xLFqJsuGKBQeShBS60XFQqR7NHjFLWCqxNj8jdc8_-kPnJrR5k3IkiNbiEie4YEK5mgX-6yDx7Lsp8WclDCiJL69SdAz61APJdxrBZBlXzZzWeclFvIArOqKt3fY7EXx_qCkyaigm49yGOMzhMDDqrm6y5eysCyK4oNC_pF1u2uroDCi6Yu25iHZIlIwophtW_seKdl6Fy7QoRI0uFLEjIQvgY80_MgJXcfAXr6Ms2vnL9leSMFu0jdhy5FP8EjCuhxioxi7pp93D-8CuKfXMbVsu1RyQlcrJxumz4nhu4MajGedDAIUuHZ26O8L7jFtfwrmC1YWkIbGWAIr7sESbiqTuOr36UWJdi5F&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&dv3_ver=m202301230201&rfl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ds=l&xdt=1&iif=1&cor=300243982080267700&adk=3047537735&idt=253&cac=0&dtd=3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:11:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29594
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:11:08 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame FD39 28 KB
11 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139c36234c15d74808b6156ef8e3d533a4a2dfd4ea6447428091ad4b6916b8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10784
x-xss-protection: 0
server: cafe
etag: 15652644324719269315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:13:46 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/ Frame 8C08 28 KB
11 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230216/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AaVmYNOrGhLLs2MD9W_h8vzWiHO3moLvJxmId1erSzaHMCDS78_5ErmW1Hf5m_SFiy7eaPb2UNo7pOWa6SpTmedm27lkT2W95lbZR7NMSD_z97k5Y9EjyDzn2ST9Efe_14MeVvldX4o-IhypMxCgCFQbimKbGEpqoGYdxCYuHARB1S15o&cry=1&dbm_d=AKAmf-BsCWD4GeJ2XvRMjsunoFtO0se-0BEDjbdeBTOxMoYCm6mMNwCaWEXkagU4P6iNGuVagQnxHWJkV3I3Ofs8plxHBrwxmms63a2tpBOFiKnw2QUJCvDwyA99CcLecvIPwtcY2BRdEZKuzcX162FKcb23rZC3HuDUQVbgA8VCaNIHAxZnsNxL7DU8Hh4G2lcWUM17lQRp11XsXcPqpBPGCETIsW6ifXZvqHfaVwmIJXJ-hoDYPJgIFSsZAh7q6Poea3Ko8sFOyMwIsM3n4pzMF5REibunlXiMfZOIb7mOtH2QInCh0aLULIvb8-xIuJpibyyx66Q1S8P0DzaHaj9xJqavwIwCkrwXxAmvEIUYIiZabtr8ctwi5J2g74nDgpQdtjtyP5nBfQYVCyj6ElLJzv6mqkfskF4gfKmZDhKxF7nu08A2ynNuLZxRpxNmMetrSDkWpOV3Q7dAr3ZGjFuKYpwwvJ1W3beIrQOOryWUo3V1W12CKlGnBULiNnTFAS48QVwH-nqP3LUXFxgpE1A-UDfIdgErHWJYTob5pEVtSYdpRmhaJQ6YLSfzAHwXYqcuqqXn8_qGZoqMXz_Ri9BRIVpc5VdXxVs-VgKoU1kPLGSEdU69Xn7mgd7OlHG3xeQvpKBtA8W4Xbi4WUP4WwmLWd4pzru7bno2NjX275roa6dJf882jaqrdL3ysnegblQuM9yRL1uA726-0sG-0yBO-OjbibL9hFe95ggSpG6gF7FeRIOJvvA-uzbgKZXW9ChKCmc9bYwykPlQuOObAUFb8oi_VZxT5XDREArs3F2NAkZBY_ZHFdk2kmjcglIJBZzFbYUrZFx6MToeSC8Vb1_DiSzXnp3VOmEsyZGfZCok2srfPaaJMOc1gRtl-YcfhpUYUO3RIlLGLJQnP30hM1KsHwLHtIElBBWF8EtGM78FMNj8TxB6Jkyp7GWPhFRRdkzOJEEi-IM5kwGLwRKr23R-epOd1xU-jEXmWKGo4qchMN9fztmofM1SrPu8Xar0rYEfXXjryQB-l5nD9oBbh43gp0Oc9Ism0A57tzMPluJbVNzxh7pQETqC__OXKftyj36v84E0gf5DuSjtoWtuGCWG_l9LqTVV2c124YDoIlB4Pdq3G4n7VaGneALNeYZ6ySYW0xhyLZz5D26UfpL6Pkm2zLGopNIrVbwuJcQ4betbjdFo0W8jy6NABBSXyWLrbJPcdWScHVN4OAgqfOZosw78NdAN12iX3njroLwz0fikX0imRdctzc-chKgXV1U6s4e5isteSahTTX3qRZv8bpnvBZjr8hK4wV_SW9yYfQolgxLWby7Fa2jy44y7sAszcU2Z9qhZWxSVW2MuzcEC9_JDCOzCgPL5uwS4kiInUm0zrT1P566sgN1MsrwWs3Ym9iqQOwIVjRZydvchbg-cdt7NneCoN8JlXgONInFJX0A0aPvZxPcbF1RsOgdXX8O48UFEdMlQ0nIEdd-8Ptj3Ch5Tk_yD7oEYhfxgB-VnwAHnzBe1DR9qm1qkIzWbd4Z7i0labc_bInd357A_NCHk9VOO1SXzU3EWDRbBtuJZSCJ417u-S_Z9QqwyqNikniNbx3j6DodsFbDfLZMfcYtbT9R0_PBYhtP4mR1vu_UrkcbBrs28jTqsozKmrmCIeZ7dVF1oPF794CD4S6-cuwmci2QpImnf0VgI3ZBRNcLghL9xgnv7wgXLzleoyMTUCCcJi1zX-MPuAaQ_Dys3FJWzs25XGJZ0Nq2tJwQqElE5V4b0qUEoHkhpdt50QL2C_x27I7OLmvd03J8k6h_TRt6dsuOJbxriIq8gKq3HpwGV0olt4GhgRTMs_COPZif5OSaUJKdDjJo9FKZqzLtaVdmGtGN3-q5rodmWrUMteHoNLnbWGSALJcC7iCjsU_kCjrUL44PjMWUsLqbkJCKEa3TmqZuarAtK_GQZYlhzSkdhUHjvT5CARqwMJmk1p04LmkuF1C_PkxWd4pth__IBuTVfWKzriWy5JX70UTMDDA_gp5SdGgg-dJKlIdNd3JFfWVHk9nO8jc8sbrcjtZKh9J-aosui53fsA8vglzIVb0SXbca5JwZUad222YYLZl-Ag4Po3YaL1ROyVb5QBop1K6_puVk_jzqa-8NwFtjI8MuvuxyP6XdJeWOiYHlG-RlEPTAFQK76DVLTX5AulceNQ2Hlzqo2kMYhBlP8uKXGuMUOknRVZOqqX72NuHiKacVuUXYUunM23H8Ldv5R61VkQiU1Omly904y_vUdvtsufNPNSxeAzlLBOON63zK3whDmVP5PFpPZloLUirbRWtDVI5Re-g5s1PUOUwaq5MEx7BgPBrGLN1u4WHKjrADwgQ04JCynvHoH8RxxYYrIdM4FgCIubzoxmEksGcnlu81ULDU26ER2srIz4peZnrLP4aNIZ243VWDPlyeKGHGuxkjZG9n06YKDb6Sobt5MXfTt-hgkIU0cE_hZf1V8nVf-aYA8QyxPEJR9QFIh1DCpIqCQMXjBlh0OMWBeP_TDyNXw-Dc-mvfbvqLoF2qhmTJjf7pVFzaOeplaerGymUNEFPsphlXE8tmURd3edmhPeqedc6lgiY-B6YfLSVcnRf7m8I6AAlXr36a2AukPd2djr2tDj3cCnNUYhq9eQqlxT8SrOb7n9GiLCA9EHGe1ze6GEqh8Vz6n2MWRsn5wQG5pGDCx16Og1JCkYidjyCMby7m2SoCwwlGquZ4tL3Ny1Z7pStUy6tfVtxbndYBKcrcKkU5qx64zLYcej6Y3_ttWWmjrzrE0Y8P98XEe8YNmMubo_SncV6E-lgSoR_LzcN_kFH2E9tG1RAWwKUGf2EbeGH4fV2bffBZ_XPrcfjgdqKG_qZnvjUSy3Wjg0OO9JZ4Ir1nOhG1YimhIZwvuo5S-FDgypTK53w1_7H0uu9JJTiE0sD0pNEEosoNWVGwOZzijwh0D91Re2LCV3xBWROPyT8vzW0EzZ1pO3I4hdrJR94RsvqzSs_ZIdUyTetKi2Q9kpMC1nasIMcZJ39MCEwsWtT-8ZnNOhgyCBuym6dNiea-F-4OsvA3NDzKbYEl1Pncical3f2Dir85pDXF3BzBBdSh956jY2yotRy0vTdjhz7Zed-r9J81w7ZGIXYzd1OQ7ji2hTbVubJtF7CJJ7kZfrHr4QOIQrP7ageTz2Qak_2ic5AI1stlFcQNNPzRbwI-DtloYUUkV2NYwq9DF19HT-MP3rEij8r_s0y1vc-g2XICmEKNG0aC6Pem2lB-AE_Fi3YrpoSLDr3NlcIQaEB8Q5A&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ds=l&xdt=1&iif=1&cor=13067021055030220000&adk=2228999115&idt=272&cac=0&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

139c36234c15d74808b6156ef8e3d533a4a2dfd4ea6447428091ad4b6916b8da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:13:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29436
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10784
x-xss-protection: 0
server: cafe
etag: 15652644324719269315
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Mar 2023 23:13:46 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8C08 41 KB
15 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Feb 2024 13:42:53 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D4FE 22 KB
8 KB 29ms
28ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 150089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 13:42:53 GMT
expires: Tue, 20 Feb 2024 13:42:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 91 KB
23 KB 37ms
36ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecba06a7bb378fae1c62d7ef2e83119d7c8a40c07a96b67078a3155f56eeac84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:22 GMT
expires: Thu, 22 Feb 2024 07:24:22 GMT
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FFA2 0
0 192ms
84ms Fetch
image/gif 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvH5kAgRj0ySBrdXDUpV-zp1L4WBuUXSBbmnsy-aWD92G_7fxO18lfllnB9ZkZx4mm5AgilBLGqoPNie4aO6Lta7NRbs4OZChBxPyixp0FOTiNdnZDqKs_Ck4evSrHbhkbweLQJc-dE2jSuD21EBLxxAyPCxCZj4MIZiQJgh2GWT1wB86PSh6kIStY4VEPylsTyBSUO3KGH2kxpH6nE89Cbugt5Hs84rVajT0WaO2kp7HyitggtAPpZu4JCt4JZT7DjIk9t96u24E6HQRyfz3rFhDax0mz8ZeU3SpVqr7Fzp3sD-EYMdNbxIUXehmOLfRy5VX26nECEgyqjnUUlcLc5LzZJ5TZgaTLsRJkWjqsTV4XwCZRFz95cyiDXXh80yp-uJHEPStO-k8YVh9lEpKdMc-Ib-V0NYn4-EN8ultSND1IH7DHwfQdIK8MIFIITl2he_ErwumvOVrAFYZvw1HZGsGezQ0KnSbdwjFAKqteCLBNO6dn-pOZuTGC30EeVrIYEijI0T3fJ8WeZPSm3B52m3BgV9SS_HNEDd847m6PmBlDuj1iFf1dL2B1H8AY8UAhtnvXrhTAOw4poLVWd_VahO6YvxtGSqeoq5m0p-2fbKNTooCdyBrkLbH8vfbwBC17mAODBL4qKh1gqTELuUw281UcrCXjGOMclNLbF-eE11fEiR0S1es4k9pMbcT30r9-c38E2K4cHLaLIy1fCtND5Z3SzTVshPWIhT-BXd13HLmDg5so1L2onNDW-9zckxud-bLN1D5P72wrnKrHQpJM0U1HnRhoS8zW3H2gN6rAdbzPh3z7HpEPmdQ0TvMWN-kgxR_qHQze5c-wPwJ03n9y017uw0agqFnSc8eP2kgLkLbvQq2IUQV8wMeTshXiHLpU1hxgdITBT0q9mMTdMc6zK9_WFADDY-rT4tK8EcmSEZSea-CNiXc39pLbuMGzLpCvJQ3TPKAbger3_y1K24_da7X5Rmc19iUqNLngEs4Feh0Kl41uZhGFtzyi0QchhLbi-zG6f9sOyhHDJy6uEHPDJ2ue24hXHR_tKMIdck3VsBasYtZwYsbV6SrM2_CD9GIDMnM4wk9_yCkzuBxA8UggxWSKL3DVSpROfZ7kqnKzcGKUuTF_6t8cAbuGUHkv7ObbRFllbanvl4J4LAhd2Bd54GOJRwKs2-EM6j3dzV3hyBWY&sai=AMfl-YRm3-VtwhIoddHQr2k-iOnBGCqjtBqdSMf6ymV538CMbhLDT-jBPBt3lBMNegHOvvI5VSfp91u5aK185xmyy6DidNqk5qWGD_9jXEii7BjDMEgsaUkFlDEUaXUoHFDLJBWnr5Q6fC7rvFeJHSrG3qiibdpQw6QIE7uSH8SCQJ0OcQZnNRGSAfP4BmZe8D4DQvMqSo6J2XCcPc2EHBRDBED-hA8I6UoNsOM1iU0dWl_g2H1j2FeTEvrR99iENgg1nF6y&sig=Cg0ArKJSzIBbjVRJIpQlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=175&cbvp=1&cstd=168&cisv=r20230216.07488&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0A9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELk463K9UK4ZCYZAqU1sO90&google_cver=1&google_push=Aa02lx-mdZjzpXyuBVDsJLaEiSxF6UpcWR4BMMoIKKcQsd37OhQ2o_qW3heW8_ddn_Uvl4Hn_kX2X_aqt2SQR84e...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-mdZjzpXyuBVDsJLaEiSxF6UpcWR4BMMoIKKcQsd37OhQ2o_qW3heW8_ddn_Uvl4Hn_kX2X_aqt2SQR84eqKthsm9lX7940A

170 B
188 B

41ms
40ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-mdZjzpXyuBVDsJLaEiSxF6UpcWR4BMMoIKKcQsd37OhQ2o_qW3heW8_ddn_Uvl4Hn_kX2X_aqt2SQR84eqKthsm9lX7940A

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Feb 2023 07:24:23 GMT
Server: MT3 475 4bd2ccd master cdg-pixel-x16 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx-mdZjzpXyuBVDsJLaEiSxF6UpcWR4BMMoIKKcQsd37OhQ2o_qW3heW8_ddn_Uvl4Hn_kX2X_aqt2SQR84eqKthsm9lX7940A
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0A9
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_push=Aa02lx_A9-bUdSRl_pJ4_yq9t69IN1M0h3qb0_iVVO6QCI8fccwUVitrZ7...

170 B
188 B

38ms
38ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_push=Aa02lx_A9-bUdSRl_pJ4_yq9t69IN1M0h3qb0_iVVO6QCI8fccwUVitrZ7rkxfFYV9AM5icUSMzwM8iT6gF2mb_tAiOpKXHM_Y5ipg

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220039-HHN
pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1677050663.726725,VS0,VE184
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_push=Aa02lx_A9-bUdSRl_pJ4_yq9t69IN1M0h3qb0_iVVO6QCI8fccwUVitrZ7rkxfFYV9AM5icUSMzwM8iT6gF2mb_tAiOpKXHM_Y5ipg
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0A9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELEKD-w4Za6Pc6Q78zpTmqY&google_cver=1&google_push=Aa02lx8eJHCYhcs6tG0GI2SvfMB-Zp6ukOLSiE82sFMiy_34QzNMZgQHyr-rzXZrDiRFVI8zinol10-zooPk3YDmlGPWWVU...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8eJHCYhcs6tG0GI2SvfMB-Zp6ukOLSiE82sFMiy_34QzNMZgQHyr-rzXZrDiRFVI8zinol10-zooPk3YDmlGPWWVULw3Zo&google_hm=eS1OSm1majBCRTJwRl9qaX...

170 B
188 B

40ms
40ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8eJHCYhcs6tG0GI2SvfMB-Zp6ukOLSiE82sFMiy_34QzNMZgQHyr-rzXZrDiRFVI8zinol10-zooPk3YDmlGPWWVULw3Zo&google_hm=eS1OSm1majBCRTJwRl9qaXFLaDhRNjNZaUFkOVVvbDd0U35B

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Feb 2023 07:24:23 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx8eJHCYhcs6tG0GI2SvfMB-Zp6ukOLSiE82sFMiy_34QzNMZgQHyr-rzXZrDiRFVI8zinol10-zooPk3YDmlGPWWVULw3Zo&google_hm=eS1OSm1majBCRTJwRl9qaXFLaDhRNjNZaUFkOVVvbDd0U35B
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame F0A9 43 B
350 B 138ms
39ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFB5RoStJGej46x_5nLZUDw&google_cver=1&google_push=Aa02lx8Iq21jSIZ53dj5wYgzrPb2giJu6zf45SO1APudzGV_itQ3Xqxo56CMQr5ZqLrBYtpimtHt-LB98Uv8BXlLmcJmKAt0g22m
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:21 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: m9iueqt4mecnlfb5ab0jcb92pk0tm0e5

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0A9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED0RBWQ_KYzFG3R-X8o6338&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED0RBWQ_KYzFG3R-X8o6338&google_hm=Y_XDJhRmDMhMo-vqIj7ozAAAFFsAAAIB&google_nid=index&google_push=Aa02lx-gG6dtW_kYo20XS-PvrdZPF_0xb7UMg...

170 B
188 B

40ms
39ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED0RBWQ_KYzFG3R-X8o6338&google_hm=Y_XDJhRmDMhMo-vqIj7ozAAAFFsAAAIB&google_nid=index&google_push=Aa02lx-gG6dtW_kYo20XS-PvrdZPF_0xb7UMgCQdl6K5ZBhwKhVJ2AT7SnCee0Q_YY65JaAKDTmBhTyylQDHSUSaYpKoRDHbFC5VvA

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9dj4%2Bcubj53FPd6nBmMdqIgooyc3QeSJlDp5YgYBdvw6ysJAy%2Bpdn9VLRm6vx3ZF51er3xO96PY3DU3zH3sebD4g1hbKpn4y%2BddRbkNfbHG23zSRqw%2FH7BN%2B4ENAYZmptPLCVEXhKwc%2F%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESED0RBWQ_KYzFG3R-X8o6338&google_hm=Y_XDJhRmDMhMo-vqIj7ozAAAFFsAAAIB&google_nid=index&google_push=Aa02lx-gG6dtW_kYo20XS-PvrdZPF_0xb7UMgCQdl6K5ZBhwKhVJ2AT7SnCee0Q_YY65JaAKDTmBhTyylQDHSUSaYpKoRDHbFC5VvA
cache-control: no-cache
cf-ray: 79d5fb51c9bc3638-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0A9
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEI9ddOpqtrjmZ9vkt9V9c_E&google_cver=1&google_push=Aa02lx-preze5Jes2JAKNqKYIXgsGuu-rzl1q01_E7Iprmhdql62wdjRlgTuNzolAJ6hJZBr4hyjWketXeVnwbHV...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-preze5Jes2JAKNqKYIXgsGuu-rzl1q01_E7Iprmhdql62wdjRlgTuNzolAJ6hJZBr4hyjWketXeVnwbHVn6nMMsJrQxLYMQ

170 B
188 B

43ms
42ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-preze5Jes2JAKNqKYIXgsGuu-rzl1q01_E7Iprmhdql62wdjRlgTuNzolAJ6hJZBr4hyjWketXeVnwbHVn6nMMsJrQxLYMQ

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 22 Feb 2023 07:24:22 GMT
via: 1.1 dd133741afef09b02f3e6afd7cb39f40.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: AMS50-C1
x-cache: GeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=Aa02lx-preze5Jes2JAKNqKYIXgsGuu-rzl1q01_E7Iprmhdql62wdjRlgTuNzolAJ6hJZBr4hyjWketXeVnwbHVn6nMMsJrQxLYMQ
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: rWgT-pk70rhZbxh38A4VgUPMBsqN_J_V99pnJItftiDUw15vz9z3WQ==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F0A9
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEJemTKDtkWI9weNoIOlt4Zs&google_cver=1&google_push=Aa02lx-abldkzC50qUF4qNRPYfNRWyR4qbDe52VCTF0XWy3h1buufvkoYhW0bjXCHdgZ7MaYrwTPCTbXeaoqHtgQC-XrA5IppioM
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIwMDUyMjYyNzYzMTE5NDAwMFYxMA%3d%3d&mn_hm=MzIwMDUyMjYyNzYzMTE5NDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx-abldkzC50qUF4qNRPYfNRWyR...

170 B
188 B

38ms
38ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIwMDUyMjYyNzYzMTE5NDAwMFYxMA%3d%3d&mn_hm=MzIwMDUyMjYyNzYzMTE5NDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx-abldkzC50qUF4qNRPYfNRWyR4qbDe52VCTF0XWy3h1buufvkoYhW0bjXCHdgZ7MaYrwTPCTbXeaoqHtgQC-XrA5IppioM&gdpr=&gdpr_consent=

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIwMDUyMjYyNzYzMTE5NDAwMFYxMA%3d%3d&mn_hm=MzIwMDUyMjYyNzYzMTE5NDAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx-abldkzC50qUF4qNRPYfNRWyR4qbDe52VCTF0XWy3h1buufvkoYhW0bjXCHdgZ7MaYrwTPCTbXeaoqHtgQC-XrA5IppioM&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F0A9 0
12 B 36ms
36ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JBd1VqeO0YvghPJ51Kiz3NKu9a7pvGIgdwZHPkUO5QZ9gJJOOus1Djxr1RZ7hUxnrnuXCl

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 87 KB
22 KB 37ms
36ms Document
text/html 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d72f94d87d29899009b8359c4c51ec52eafbd8b0e4830248d6f4344666d9629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:22 GMT
expires: Thu, 22 Feb 2024 07:24:22 GMT
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FD39 0
0 176ms
86ms Fetch
image/gif 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRLP6zA5yHpc2ofTTkiOIm8CtS3S2pwDBx0yzfuGfE4pT5Q6HVnEhlQCy6NTT9RXILTf9iWpApxigyv8hWYee0oBXHOGTvhxB3e_O9VK6Hkyq4QFwEZQ_NKBHgIw0nub19_RlhEOngnrpiefeG5mSwVPiQBH38G9XS4tJRWQwe1Dxuy_2CBtdg2Ke2FAvZVvAvPIN9Urlkz4tu5UaT2pwX7H4Bgx66c7V6YkYPearUjjVJ4BrHPVIwA37uIBsqMAGGqLubHe8RyXNFfw7C2L3FlU4619M233vO_aXnzs37IX-15Y3B-genK2TpRsbK_eRDW1JWiGIr_DhhW9lrIl2eg8NOALBu0XXI7sKVBhxiM1m2elgmhZr-zeTOSFRJ4Dk9stWeseCmAaKoTrfdOS-t4TkzFT11xoGAw6cpokuOi5D3WY1l0EdPnCGErgDfyIufwM4GOiY6oqOv66tF8fUzeBiwXQ9Vtc1iEzmIvGlsQUlMtT2qeM1tAQCM-QgiMPO_F0JfjxHh5YxNoztya9an5yG7wm2WUv3_9a9dbs-Y39IGqVFtHraf9NRBe_ryjE19V9y2KKMiumZVy1lt2pVCTqsJNSJIpU5QhvvArA2Ejj0-0s7iX1iVRhTZvS79xRcoNeqGM_QSB0S9teyfJDon4pbUmAVf9A06qP02n-rhEIpbJZNbL1_iqRv76L9wcpf0GnpwRfqFA4crwP6e6O3PwhPYy_hE-TJsPhHBDU-QGIqcn2qQyIUmlpRhBhD2G4hrtAmxae4ZWuxhFvR4ZBH8EmJST25cMpgzxwHstl6QuFAjxIFZpyOjiVebeoKWHJiGXQ2K0h9PzDvJsJO0WlFvYfgsYkgpskuOcoYcGAvk0oVLmeZHpOWA7R36wLupFqiLh8qxEB6kylq4p_mGt_Pi9WL2K4j5newHAY1bFkA2OS2DY4JodkAoYZfM5C4bEbXP2AI80g7cg3WyGgbbSEcJ1yrwW_u2kWjkdLGXzWj4iiIEoFGFuULOfpukqGJO6S-iImGNDe23pX7Hvqhmg8jLvzjtcTB2nIaV9gvRQIsGwG9_8YIM0FEMqmutELCPHsUObkc6dDss2tCg9tZUtPg-1fCEQyEe9-eMbEuppcYYdWpj-LbcOy_Iu7aO2RW1SBKz2Bxx8i_gExavW5puHzdDVs3UH2Wl9jgO7b4uWQDZbCQ&sai=AMfl-YS_G73bFmBwe9PPydk8h1hmFg09EBmReuaLVx_UQt_TLKO9Bf5uLZiqZYxo9dHOtBc63Zq6Cs0GjIYuP8hsp8ybFsJZ8S3oPswT9ALIUgWIHfjssRqlgIMBZOphMCdWdVEkLMPi6o6nF3u3LjnL4YW4IhC_xU99BFFZIX7ZrP0mleh0GhKzqZcR9Z6QyEKCyUfvyRWrgRSp0y-0ELn4DRlfsFzthGUfURu6WbC--jjihjZm8QH9ceuzEHSWOtnoPQ-a&sig=Cg0ArKJSzGRb_S-TdRBpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=85&cbvp=1&cstd=81&cisv=r20230216.10584&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame FD39 41 KB
15 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 13:42:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 150089
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Feb 2024 13:42:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C3BA 1 KB
643 B 28ms
26ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Wed, 22 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FD39 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3156dc4bd0692fbc0d2a10552f02022d49906cefd3bc256ab9f34a95a6a928c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK layout_renderer.php Show response
as.euw1.jivox.com/unit/ Frame C56B 281 KB
51 KB 91ms
90ms Document
text/html 54.75.204.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/unit_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=${US_PRIVACY}&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.75.204.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-75-204-73.eu-west-1.compute.amazonaws.com
Software: Apache /
Resource Hash: 7f590295690d4df112dd4b4feaa1569bd723f4868e58d89b5cdd5e5f3f3e9087

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Wed, 22 Feb 2023 07:24:22 GMT
Expires: Mon, 26 Jul 1997 05:00:00 GMT
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1EBE 1 KB
643 B 28ms
27ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35984
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 21 Feb 2023 21:24:38 GMT
etag: 48472445140208031
expires: Wed, 22 Feb 2023 21:24:38 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8C08 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d26878737b845fd929ea49c019a213a718c02a3ac759b1b388f324ddb3e8a59

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0B9A 22 KB
8 KB 29ms
28ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 150089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 13:42:53 GMT
expires: Tue, 20 Feb 2024 13:42:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame BA6E 118 KB
40 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 18:32:14 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame BCB4 118 KB
40 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:32:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46328
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Feb 2023 18:32:14 GMT

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame D4FE 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:30:08 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C55A 22 KB
8 KB 29ms
28ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 150089
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 20 Feb 2023 13:42:53 GMT
expires: Tue, 20 Feb 2024 13:42:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3BA
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELk463K9UK4ZCYZAqU1sO90&google_cver=1&google_push=Aa02lx_HOoyb0qEoNXLh1q9QtqET817G5ReK61J4YXsgyYltVXI91WZ_z3z1iQXFLV83KDXG5SoYA7TlpRs_fD5h...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_HOoyb0qEoNXLh1q9QtqET817G5ReK61J4YXsgyYltVXI91WZ_z3z1iQXFLV83KDXG5SoYA7TlpRs_fD5hduHtSUcNzTJHKQ

170 B
188 B

40ms
39ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_HOoyb0qEoNXLh1q9QtqET817G5ReK61J4YXsgyYltVXI91WZ_z3z1iQXFLV83KDXG5SoYA7TlpRs_fD5hduHtSUcNzTJHKQ

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Feb 2023 07:24:23 GMT
Server: MT3 475 4bd2ccd master cdg-pixel-x29 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_HOoyb0qEoNXLh1q9QtqET817G5ReK61J4YXsgyYltVXI91WZ_z3z1iQXFLV83KDXG5SoYA7TlpRs_fD5hduHtSUcNzTJHKQ
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3BA
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_push=Aa02lx-C21L17Atgyz0QoICeFUvGl9xMK9R0JEEde_7mw9I0U3050mDBMK...

170 B
188 B

39ms
39ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_push=Aa02lx-C21L17Atgyz0QoICeFUvGl9xMK9R0JEEde_7mw9I0U3050mDBMKN-T_AxkwBzMjT2SVG2zJIf_py25cO9JQd2S_Oq7VhZ

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220039-HHN
pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1677050663.768627,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEL87IcxGjmTYdmzazf0dZj0&google_push=Aa02lx-C21L17Atgyz0QoICeFUvGl9xMK9R0JEEde_7mw9I0U3050mDBMKN-T_AxkwBzMjT2SVG2zJIf_py25cO9JQd2S_Oq7VhZ
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3BA
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEI6S2xIsPlovp36TEFqSO9U&google_cver=1&google_push=Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw5XyhxI...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEI6S2xIsPlovp36TEFqSO9U&google_cver=1&google_push=Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw5XyhxIkMrkCuwGhw&google_hm=5qpODxc7S5aqO36d7nrocA==

170 B
188 B

39ms
38ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw5XyhxIkMrkCuwGhw&google_hm=5qpODxc7S5aqO36d7nrocA==

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw5XyhxIkMrkCuwGhw&google_hm=5qpODxc7S5aqO36d7nrocA==
date: Wed, 22 Feb 2023 07:24:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame C3BA 43 B
136 B 40ms
37ms Image
image/gif 35.227.252.103
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFB5RoStJGej46x_5nLZUDw&google_cver=1&google_push=Aa02lx9O6vk9FVtWk93xxA-LL70d09kEGKjHM24AHbc0bJ_TiJRFemidhJXld4gxtgMbQFwtfwYqsswNgByPK4y2vbxsENaOW96x
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 103.252.227.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: bl83a9vdj6ch83fknvl41jp4lbmlnprd

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C3BA
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEBtVAUbE1jrMMwKaGwysmH0&google_cver=1&google_push=Aa02lx8EywF3RDOwciaiXujc9S3B4Mcjxc39q2vqd3FlprIKZBHwiKym-UBvMMSMohXtkDOPSz4In0m6R0G35...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEBtVAUbE1jrMMwKaGwysmH0&google_push=Aa02lx8EywF3RDOwciaiXujc9S3B4Mcjxc39q2vqd3FlprIKZBHwiKym-UBvMMSMohXtkDOPSz4In0m6R0G35...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx8EywF3RDOwciaiXujc9S3B4Mcjxc39q2vqd3FlprIKZBHwiKym-UBvMMSMohXtkDOPSz4In0m6R0G35Nj4hdfD4IV_UEKRVg&google_hm=MWp4dThwcWtjWHZzUk...

170 B
188 B

40ms
39ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx8EywF3RDOwciaiXujc9S3B4Mcjxc39q2vqd3FlprIKZBHwiKym-UBvMMSMohXtkDOPSz4In0m6R0G35Nj4hdfD4IV_UEKRVg&google_hm=MWp4dThwcWtjWHZzUkZBakV0bk8=

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:23 GMT
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=Aa02lx8EywF3RDOwciaiXujc9S3B4Mcjxc39q2vqd3FlprIKZBHwiKym-UBvMMSMohXtkDOPSz4In0m6R0G35Nj4hdfD4IV_UEKRVg&google_hm=MWp4dThwcWtjWHZzUkZBakV0bk8=
P3p: CP="We do not support P3P header."
Cache-Control: no-cache, no-store, must-revalidate
Content-Length: 238
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame C3BA 0
45 B 203ms
42ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENpZkNRuqrI2vel54lE5N0c&google_cver=1&google_push=Aa02lx_5ibSY9ZsNHhSShdC0uT5IgvgMEdEfvgHKDUGjpOlkDruLJVINJPwGvOhTNoISrVP7JyHwE13XXoJuB2nELReN4QOEWe4iAQ
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
content-length: 0

GET
H2

200

report
sync.teads.tv/um/ Frame C3BA
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENwzDYPDJsBQ0OIvCweK77U&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-RHk-IZOn4jHAQak5eu5YbyJFydsktOY8aa8F-j0eCwXxpFZe1duM-MMhW--3kVC1kvMJWHBCbNfC3lzxcbyKPbHUU4nCAzhs
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

82ms
82ms

Image
image/gif

23.35.209.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Server: 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-30.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Wed, 22 Feb 2023 07:24:23 GMT
pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C3BA 0
12 B 38ms
36ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13InyF8IXBaw-rOf4_lUlbo5hCi06XBb4KJJfgsSsnM1QIf0tF6hHGitfKEc_yfWl21FCgEPig

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EBE
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELk463K9UK4ZCYZAqU1sO90&google_cver=1&google_push=Aa02lx_2076t_pzw-1Se4UA032WJTGH95Oo6XQKNE7Lef5Sqy2nUhmPhqPfl0FYtGN7Ph_J5MiYpDaC1jU4gyUwI...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_2076t_pzw-1Se4UA032WJTGH95Oo6XQKNE7Lef5Sqy2nUhmPhqPfl0FYtGN7Ph_J5MiYpDaC1jU4gyUwIwZ_xH0n3YFV9

170 B
188 B

40ms
39ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_2076t_pzw-1Se4UA032WJTGH95Oo6XQKNE7Lef5Sqy2nUhmPhqPfl0FYtGN7Ph_J5MiYpDaC1jU4gyUwIwZ_xH0n3YFV9

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Feb 2023 07:24:23 GMT
Server: MT3 475 4bd2ccd master cdg-pixel-x10 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aa02lx_2076t_pzw-1Se4UA032WJTGH95Oo6XQKNE7Lef5Sqy2nUhmPhqPfl0FYtGN7Ph_J5MiYpDaC1jU4gyUwIwZ_xH0n3YFV9
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EBE
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAQrccLxGUggXcIvhWlW5rs&google_cver=1&google_push=Aa02lx96S0-rKdg93TKv5bdTCVevuYENf5d1k-Co1Mw42rPOIUTFbvOS1C7Y3bV5BxoyiNZ3V9pW9oPp...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAQrccLxGUggXcIvhWlW5rs&google_cver=1&google_push=Aa02lx96S0-rKdg93TKv5bdTCVevuYENf5d1k-Co1Mw42rPOIUTFbvOS1C7Y3bV5BxoyiNZ3V9p...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMjcyMTY2MTQ5NjUzMTM1MA&google_push=Aa02lx96S0-rKdg93TKv5bdTCVevuYENf5d1k-Co1Mw42rPOIUTFbvOS1C7Y3bV5BxoyiNZ3V9pW9o...

170 B
188 B

41ms
41ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMjcyMTY2MTQ5NjUzMTM1MA&google_push=Aa02lx96S0-rKdg93TKv5bdTCVevuYENf5d1k-Co1Mw42rPOIUTFbvOS1C7Y3bV5BxoyiNZ3V9pW9oPprKluSccvQinKxG2mmvZLNQ

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NTQwMjcyMTY2MTQ5NjUzMTM1MA&google_push=Aa02lx96S0-rKdg93TKv5bdTCVevuYENf5d1k-Co1Mw42rPOIUTFbvOS1C7Y3bV5BxoyiNZ3V9pW9oPprKluSccvQinKxG2mmvZLNQ
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EBE
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJQX2PgLxtCA6aNOI5w_r3g&google_cver=1&google_push=Aa02lx9qm9TOAu9z8VKdrulcGnSRYhadEYLG2o4w2mGhHTufY8DQVdiwerw600Q4qhEBK2BWQ0GVR1c1hJMnsL1vw...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEJQX2PgLxtCA6aNOI5w_r3g&google_cver=1&google_push=Aa02lx9qm9TOAu9z8VKdrulcGnSRYhadEYLG2o4w2mGhHTufY8DQVdiwerw600Q4qhEBK2BWQ0GVR1c1hJMnsL1vw...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9qm9TOAu9z8VKdrulcGnSRYhadEYLG2o4w2mGhHTufY8DQVdiwerw600Q4qhEBK2BWQ0GVR1c1hJMnsL1vwPQr0Ttyc0KaAg&google_hm=GMq8pGZHyjymlCeZRXKJ...

170 B
188 B

39ms
39ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9qm9TOAu9z8VKdrulcGnSRYhadEYLG2o4w2mGhHTufY8DQVdiwerw600Q4qhEBK2BWQ0GVR1c1hJMnsL1vwPQr0Ttyc0KaAg&google_hm=GMq8pGZHyjymlCeZRXKJa3-p

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 22 Feb 2023 07:24:22 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx9qm9TOAu9z8VKdrulcGnSRYhadEYLG2o4w2mGhHTufY8DQVdiwerw600Q4qhEBK2BWQ0GVR1c1hJMnsL1vwPQr0Ttyc0KaAg&google_hm=GMq8pGZHyjymlCeZRXKJa3-p
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EBE
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEJemTKDtkWI9weNoIOlt4Zs&google_cver=1&google_push=Aa02lx84oT9uW_AieIFRSVo6uuq0l8hhoRXI3sthsUVvkTelow6G8ZP106R6e_7AO0bjSqKq7BG_1PXWsVmBoW2BlOPgHCpYY...
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIwMDUyMjYyNzYzMTE5ODAwMFYxMA%3d%3d&mn_hm=MzIwMDUyMjYyNzYzMTE5ODAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx84oT9uW_AieIFRSVo6uuq0l8h...

170 B
188 B

38ms
38ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIwMDUyMjYyNzYzMTE5ODAwMFYxMA%3d%3d&mn_hm=MzIwMDUyMjYyNzYzMTE5ODAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx84oT9uW_AieIFRSVo6uuq0l8hhoRXI3sthsUVvkTelow6G8ZP106R6e_7AO0bjSqKq7BG_1PXWsVmBoW2BlOPgHCpYYuMYeg&gdpr=&gdpr_consent=

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 22 Feb 2023 07:24:22 GMT
Server: Apache
P3P: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzIwMDUyMjYyNzYzMTE5ODAwMFYxMA%3d%3d&mn_hm=MzIwMDUyMjYyNzYzMTE5ODAwMFYxMA%3d%3d&google_sc=1&google_push=Aa02lx84oT9uW_AieIFRSVo6uuq0l8hhoRXI3sthsUVvkTelow6G8ZP106R6e_7AO0bjSqKq7BG_1PXWsVmBoW2BlOPgHCpYYuMYeg&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
X-MNET-HL2: E
Expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 1EBE 0
44 B 198ms
43ms Image
text/plain 185.86.139.103
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENpZkNRuqrI2vel54lE5N0c&google_cver=1&google_push=Aa02lx8LyIDy3nCETRfaXLC4ehOvrT-CfbmzwrIOlLFLgPluR-c_XkrKLR1h9EbO3PjIJRtcLG4t2UCWRViPccyYDAWUeEUPuQcJ
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.103 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1EBE
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHcpRt3MUqg8ZZbQ8wXgDi0&google_cver=1&google_push=Aa02lx-EBoDF_ef5_QADWh5jIjYFM7c8Zwmy8borTeG4gAs2zIPSIkhz8pXqM5MFS_4iTR90j3...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEHcpRt3MUqg8ZZbQ8wXgDi0&google_cver=1&google_push=Aa02lx-EBoDF_ef5_QADWh5jIjYFM7c8Zwmy8borTeG4gAs2zIPSIkhz8pXqM5MFS_4iTR90j3...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12UE9VZ2g1RTJ1RnRFY1R6ODguOEtBMTlrTVR1U2tGTH5B&google_push=Aa02lx-EBoDF_ef5_QADWh5jIjYFM7c8Zwmy8borTeG4gAs2zIPSIkhz8...

170 B
188 B

41ms
40ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12UE9VZ2g1RTJ1RnRFY1R6ODguOEtBMTlrTVR1U2tGTH5B&google_push=Aa02lx-EBoDF_ef5_QADWh5jIjYFM7c8Zwmy8borTeG4gAs2zIPSIkhz8pXqM5MFS_4iTR90j360-Yk3fO6cRlwGoo4TwQ1DsPFU5Zk

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS12UE9VZ2g1RTJ1RnRFY1R6ODguOEtBMTlrTVR1U2tGTH5B&google_push=Aa02lx-EBoDF_ef5_QADWh5jIjYFM7c8Zwmy8borTeG4gAs2zIPSIkhz8pXqM5MFS_4iTR90j360-Yk3fO6cRlwGoo4TwQ1DsPFU5Zk
date: Wed, 22 Feb 2023 07:24:22 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

report
sync.teads.tv/um/ Frame 1EBE
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESENwzDYPDJsBQ0OIvCweK77U&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aa02lx-GDxCk-zMpk6sZOysiQ_dOjc_7f9nrmtf53I-3y_oxnVcTC5mimfR37tUAKYGkOreMgBp_p5aSob-duqGjKsVP4L78vgj0tOY
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

83ms
83ms

Image
image/gif

23.35.209.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 23.35.209.30 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-209-30.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires: Wed, 22 Feb 2023 07:24:23 GMT
pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.9
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1EBE 0
12 B 37ms
36ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jk9PDDTpIWkspkNKWI8hV3aDF7Fvam2kMokU0YzhU4MpH1_8QXlmckJu2OH5zlaA-GP293aQk

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 jquery-2.1.0.min.js Show response
playercdn.jivox.com/1651821427/unit/js/gz/ Frame C56B 82 KB
29 KB 125ms
34ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/unit/js/gz/jquery-2.1.0.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 05:14:08 GMT
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:27:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 7815
etag: "84642ab523899a6150af1489287de4de"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 29294
x-amz-cf-id: lVAGIiMi1yuMxMVWobnQuJqwsU8xCraXqWYpO3g2Cb5bpCkfoCxjaA==

GET
H2 200 velocity-raf-disabled.min.js Show response
playercdn.jivox.com/1651821427/unit/js/gz/ Frame C56B 34 KB
12 KB 150ms
59ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/unit/js/gz/velocity-raf-disabled.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 18:50:41 GMT
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:27:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 45937
etag: "6db08f58b76a3c4459a454a7acf752ca"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 12405
x-amz-cf-id: icflqh1Cc67lVejSNve-0LMiDOLhnhG5zo0KiR3y1tK8sTsfz9AfPQ==

GET
H2 200 jivoxWidgetApiV2.min.js Show response
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame C56B 29 KB
6 KB 152ms
61ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:49:44 GMT
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:29:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 27279
etag: "2a0e0abd8f7f11fb012a534ea115a29a"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 5987
x-amz-cf-id: G6FJtALH7RDnJb5OWeyzDu3MFZKkI5itTV41mPYZnno01QzYEPvDfw==

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B9A 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:30:08 GMT

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 38 KB
38 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/poster.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10c2003a22cf790d579103d1e6c8cc6e8aa228ec4d48f62ac4bdbc4ecfca1be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 08:01:07 GMT
x-content-type-options: nosniff
age: 84195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39227
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 08:01:07 GMT

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 37 KB
37 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/poster.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f04b8f220d4f27a70534904566ed0764ba5d4982d5a09f0977b04eeb425b6b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:21:01 GMT
x-content-type-options: nosniff
age: 461001
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37732
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 23:21:01 GMT

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame C55A 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172454
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:30:08 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FFA2 0
0 80ms
78ms Fetch
image/gif 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvH5kAgRj0ySBrdXDUpV-zp1L4WBuUXSBbmnsy-aWD92G_7fxO18lfllnB9ZkZx4mm5AgilBLGqoPNie4aO6Lta7NRbs4OZChBxPyixp0FOTiNdnZDqKs_Ck4evSrHbhkbweLQJc-dE2jSuD21EBLxxAyPCxCZj4MIZiQJgh2GWT1wB86PSh6kIStY4VEPylsTyBSUO3KGH2kxpH6nE89Cbugt5Hs84rVajT0WaO2kp7HyitggtAPpZu4JCt4JZT7DjIk9t96u24E6HQRyfz3rFhDax0mz8ZeU3SpVqr7Fzp3sD-EYMdNbxIUXehmOLfRy5VX26nECEgyqjnUUlcLc5LzZJ5TZgaTLsRJkWjqsTV4XwCZRFz95cyiDXXh80yp-uJHEPStO-k8YVh9lEpKdMc-Ib-V0NYn4-EN8ultSND1IH7DHwfQdIK8MIFIITl2he_ErwumvOVrAFYZvw1HZGsGezQ0KnSbdwjFAKqteCLBNO6dn-pOZuTGC30EeVrIYEijI0T3fJ8WeZPSm3B52m3BgV9SS_HNEDd847m6PmBlDuj1iFf1dL2B1H8AY8UAhtnvXrhTAOw4poLVWd_VahO6YvxtGSqeoq5m0p-2fbKNTooCdyBrkLbH8vfbwBC17mAODBL4qKh1gqTELuUw281UcrCXjGOMclNLbF-eE11fEiR0S1es4k9pMbcT30r9-c38E2K4cHLaLIy1fCtND5Z3SzTVshPWIhT-BXd13HLmDg5so1L2onNDW-9zckxud-bLN1D5P72wrnKrHQpJM0U1HnRhoS8zW3H2gN6rAdbzPh3z7HpEPmdQ0TvMWN-kgxR_qHQze5c-wPwJ03n9y017uw0agqFnSc8eP2kgLkLbvQq2IUQV8wMeTshXiHLpU1hxgdITBT0q9mMTdMc6zK9_WFADDY-rT4tK8EcmSEZSea-CNiXc39pLbuMGzLpCvJQ3TPKAbger3_y1K24_da7X5Rmc19iUqNLngEs4Feh0Kl41uZhGFtzyi0QchhLbi-zG6f9sOyhHDJy6uEHPDJ2ue24hXHR_tKMIdck3VsBasYtZwYsbV6SrM2_CD9GIDMnM4wk9_yCkzuBxA8UggxWSKL3DVSpROfZ7kqnKzcGKUuTF_6t8cAbuGUHkv7ObbRFllbanvl4J4LAhd2Bd54GOJRwKs2-EM6j3dzV3hyBWY&sai=AMfl-YRm3-VtwhIoddHQr2k-iOnBGCqjtBqdSMf6ymV538CMbhLDT-jBPBt3lBMNegHOvvI5VSfp91u5aK185xmyy6DidNqk5qWGD_9jXEii7BjDMEgsaUkFlDEUaXUoHFDLJBWnr5Q6fC7rvFeJHSrG3qiibdpQw6QIE7uSH8SCQJ0OcQZnNRGSAfP4BmZe8D4DQvMqSo6J2XCcPc2EHBRDBED-hA8I6UoNsOM1iU0dWl_g2H1j2FeTEvrR99iENgg1nF6y&sig=Cg0ArKJSzIBbjVRJIpQlEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=488&vt=11&dtpt=313&dett=3&cstd=168&cisv=r20230216.07488&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame FD39 0
0 80ms
78ms Fetch
image/gif 142.251.208.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuRLP6zA5yHpc2ofTTkiOIm8CtS3S2pwDBx0yzfuGfE4pT5Q6HVnEhlQCy6NTT9RXILTf9iWpApxigyv8hWYee0oBXHOGTvhxB3e_O9VK6Hkyq4QFwEZQ_NKBHgIw0nub19_RlhEOngnrpiefeG5mSwVPiQBH38G9XS4tJRWQwe1Dxuy_2CBtdg2Ke2FAvZVvAvPIN9Urlkz4tu5UaT2pwX7H4Bgx66c7V6YkYPearUjjVJ4BrHPVIwA37uIBsqMAGGqLubHe8RyXNFfw7C2L3FlU4619M233vO_aXnzs37IX-15Y3B-genK2TpRsbK_eRDW1JWiGIr_DhhW9lrIl2eg8NOALBu0XXI7sKVBhxiM1m2elgmhZr-zeTOSFRJ4Dk9stWeseCmAaKoTrfdOS-t4TkzFT11xoGAw6cpokuOi5D3WY1l0EdPnCGErgDfyIufwM4GOiY6oqOv66tF8fUzeBiwXQ9Vtc1iEzmIvGlsQUlMtT2qeM1tAQCM-QgiMPO_F0JfjxHh5YxNoztya9an5yG7wm2WUv3_9a9dbs-Y39IGqVFtHraf9NRBe_ryjE19V9y2KKMiumZVy1lt2pVCTqsJNSJIpU5QhvvArA2Ejj0-0s7iX1iVRhTZvS79xRcoNeqGM_QSB0S9teyfJDon4pbUmAVf9A06qP02n-rhEIpbJZNbL1_iqRv76L9wcpf0GnpwRfqFA4crwP6e6O3PwhPYy_hE-TJsPhHBDU-QGIqcn2qQyIUmlpRhBhD2G4hrtAmxae4ZWuxhFvR4ZBH8EmJST25cMpgzxwHstl6QuFAjxIFZpyOjiVebeoKWHJiGXQ2K0h9PzDvJsJO0WlFvYfgsYkgpskuOcoYcGAvk0oVLmeZHpOWA7R36wLupFqiLh8qxEB6kylq4p_mGt_Pi9WL2K4j5newHAY1bFkA2OS2DY4JodkAoYZfM5C4bEbXP2AI80g7cg3WyGgbbSEcJ1yrwW_u2kWjkdLGXzWj4iiIEoFGFuULOfpukqGJO6S-iImGNDe23pX7Hvqhmg8jLvzjtcTB2nIaV9gvRQIsGwG9_8YIM0FEMqmutELCPHsUObkc6dDss2tCg9tZUtPg-1fCEQyEe9-eMbEuppcYYdWpj-LbcOy_Iu7aO2RW1SBKz2Bxx8i_gExavW5puHzdDVs3UH2Wl9jgO7b4uWQDZbCQ&sai=AMfl-YS_G73bFmBwe9PPydk8h1hmFg09EBmReuaLVx_UQt_TLKO9Bf5uLZiqZYxo9dHOtBc63Zq6Cs0GjIYuP8hsp8ybFsJZ8S3oPswT9ALIUgWIHfjssRqlgIMBZOphMCdWdVEkLMPi6o6nF3u3LjnL4YW4IhC_xU99BFFZIX7ZrP0mleh0GhKzqZcR9Z6QyEKCyUfvyRWrgRSp0y-0ELn4DRlfsFzthGUfURu6WbC--jjihjZm8QH9ceuzEHSWOtnoPQ-a&sig=Cg0ArKJSzGRb_S-TdRBpEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=396&vt=11&dtpt=311&dett=3&cstd=81&cisv=r20230216.10584&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.208.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:22 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Wed, 22 Feb 2023 07:24:22 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA6E 7 KB
6 KB 98ms
40ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7ec9b0ec1b969b0062f1f907368d9a55a7ab31c85bdea77f495d0733490bdb99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5717
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BCB4 8 KB
6 KB 104ms
48ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11812e716ef6c2a63895c62cf7585bb36c95fa9a415f5e248a563ee4f6331493

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5815
x-xss-protection: 0

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 38 KB
38 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/poster.jpg

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10c2003a22cf790d579103d1e6c8cc6e8aa228ec4d48f62ac4bdbc4ecfca1be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 08:01:07 GMT
x-content-type-options: nosniff
age: 84195
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39227
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 08:01:07 GMT

GET
H3 200 play.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 3 KB
3 KB 36ms
34ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/play.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

052f8bcc04af714065ffef33a7d5359843f7b3e240dee7a851b3d00e79dae0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:42:59 GMT
x-content-type-options: nosniff
age: 513683
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2948
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 08:42:59 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 17 KB
17 KB 33ms
31ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/replay.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49d5d030d72afc4fdebebb63b724b8790f0dcbc233429e944d4515bab4ff1d33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 15:23:37 GMT
x-content-type-options: nosniff
age: 403245
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17291
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 15:23:37 GMT

GET
H3 200 pause_sm.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 10 KB
10 KB 32ms
30ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/pause_sm.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

425881cf2e16e035012aec8f5c63c0cbc36af40ddf6de6a88ae3030722c48a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 22:57:55 GMT
x-content-type-options: nosniff
age: 462387
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10373
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 22:57:55 GMT

GET
H3 200 play_sm.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 13 KB
13 KB 40ms
38ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/play_sm.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa8ce895912c640c6fe091a30fdabd8284b4acff31c5bcbfc482b53ea859849a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:18:59 GMT
x-content-type-options: nosniff
age: 489923
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13169
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 15:18:59 GMT

GET
H3 200 audio_on.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 13 KB
13 KB 42ms
40ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/audio_on.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f104737c36fc80ba61d0cd43deda1344fed25306d5f180fab18f27b73e234717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 08:51:02 GMT
x-content-type-options: nosniff
age: 513200
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13786
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 08:51:02 GMT

GET
H3 200 audio_off.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 7 KB
7 KB 37ms
36ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/audio_off.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb1ba6ef1dd91fd9eb48efb027f86039a6e32327f6eafba0073ad1c629f3f22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 05:07:21 GMT
x-content-type-options: nosniff
age: 526621
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6689
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 05:07:21 GMT

GET
H3 200 Subtitle.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 4 KB
4 KB 39ms
37ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/Subtitle.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fa067db4359794557a35e34c1aafccab1ccd67683d29309fb42105f77cb4517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:47:31 GMT
x-content-type-options: nosniff
age: 531411
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3619
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 03:47:31 GMT

GET
H3 200 Riga2.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 2 KB
2 KB 36ms
34ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/Riga2.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da71cae6b3191160eb7def121ad64c0caa8a4ac2e74c70299bcd9eecb4122e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Fri, 17 Feb 2023 09:40:16 GMT
x-content-type-options: nosniff
age: 423846
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2079
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Feb 2024 09:40:16 GMT

GET
H3 200 Riga1.png
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 2 KB
2 KB 38ms
36ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/Riga1.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e232aae687c650aa7b27325fbc51ad63c2c30b670d1b2d32fe9f6c8570879b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:31:34 GMT
x-content-type-options: nosniff
age: 489168
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2376
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 15:31:34 GMT

GET
H3 200 logo.jpg
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 10 KB
10 KB 62ms
61ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/logo.jpg

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c1076beb52357c5dc33be81b6a83af02ce25fda3637ab1c3fd0c5f965a890e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:47:31 GMT
x-content-type-options: nosniff
age: 531412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9925
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 03:47:31 GMT

GET
H3 200 finale.jpg
s0.2mdn.net/sadbundle/8640819543681742274/ Frame BA6E 264 KB
264 KB 43ms
41ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8640819543681742274/finale.jpg

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fd3f1555612c51f3761e0b6d8ac1f6bcd029c30193d9ef9322c1989666bfd54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 03:47:31 GMT
x-content-type-options: nosniff
age: 531412
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 270732
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 03:47:31 GMT

GET
H3 200 poster.jpg
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 37 KB
37 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/poster.jpg

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f04b8f220d4f27a70534904566ed0764ba5d4982d5a09f0977b04eeb425b6b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 23:21:01 GMT
x-content-type-options: nosniff
age: 461002
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37732
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 23:21:01 GMT

GET
H3 200 play.png
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 893 B
925 B 44ms
43ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/play.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d986ce189291207358a7d6a742dc1a195412ef31296c0f5435cd123844bb97a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:31:45 GMT
x-content-type-options: nosniff
age: 543158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 893
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 00:31:45 GMT

GET
H3 200 replay.png
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 7 KB
7 KB 45ms
43ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/replay.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f12d09bdc591e6a2347b198df39587f5f4d4466d9d70d862f837e3ee0316510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 08:08:54 GMT
x-content-type-options: nosniff
age: 170129
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7088
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 20 Feb 2024 08:08:54 GMT

GET
H3 200 pause_sm.png
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 5 KB
5 KB 45ms
43ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/pause_sm.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbd3d9aef930859117df3aa9f5872babf077d42e96f48a4522057bece3a07952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 00:56:40 GMT
x-content-type-options: nosniff
age: 541663
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4641
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 00:56:40 GMT

GET
H3 200 play_sm.png
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 6 KB
6 KB 53ms
51ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/play_sm.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae587124abe92df9a591137f5038db6cc7376af48559946185c4ffdbf5c27d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 05:20:20 GMT
x-content-type-options: nosniff
age: 525843
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5864
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 05:20:20 GMT

GET
H3 200 audio_on.png
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 6 KB
6 KB 51ms
49ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/audio_on.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46ae94e86d87a15c198fa602c598b20055462140a565cddcc465e65784ece262

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 10:53:54 GMT
x-content-type-options: nosniff
age: 73829
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6039
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Feb 2024 10:53:54 GMT

GET
H3 200 audio_off.png
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 7 KB
7 KB 51ms
50ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/audio_off.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb1ba6ef1dd91fd9eb48efb027f86039a6e32327f6eafba0073ad1c629f3f22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 04:58:30 GMT
x-content-type-options: nosniff
age: 527153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6689
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 04:58:30 GMT

GET
H3 200 finale.jpg
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 61 KB
62 KB 45ms
44ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/finale.jpg

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e7deee61814b005aa4a2033f26facbaef7606d78bb39115b0c7641cabce43ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 04:53:55 GMT
x-content-type-options: nosniff
age: 527428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62960
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 04:53:55 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/2157933954622124474/ Frame BCB4 14 KB
14 KB 48ms
47ms Image
image/png 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2157933954622124474/logo.png

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

617d796e04c0e946dd3bdde1919a15d2ed919ce81b91296ccb8933b7f459c473

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 15:10:09 GMT
x-content-type-options: nosniff
age: 490454
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14234
x-xss-protection: 0
last-modified: Tue, 17 Jan 2023 17:48:53 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 16 Feb 2024 15:10:09 GMT

GET
H/1.1

206
Partial Content

file.mp4
r1---sn-4g5e6ns6.c.2mdn.net/videoplayback/id/c45e7b1ecafa1e51/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm... Frame BA6E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/c45e7b1ecafa1e51/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signatur...
https://r1---sn-4g5e6ns6.c.2mdn.net/videoplayback/id/c45e7b1ecafa1e51/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,m...

969 KB
969 KB

114ms
28ms

Media
application/octet-stream

2a00:1450:4001:60::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5e6ns6.c.2mdn.net/videoplayback/id/c45e7b1ecafa1e51/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3A51CE004629B182DF9D71FCE5EDB2FFE2C7B0CB.5CBC8EFD561A4E16AF4709DFEBFF9F8A9ABB4594/key/cms1/cms_redirect/yes/mh/6R/mip/2001:1b60:1010:2:1012:7052:2b0c:bd5c/mm/42/mn/sn-4g5e6ns6/ms/onc/mt/1677050061/mv/u/mvi/1/pl/36/file/file.mp4

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

HTTP/1.1

Server

2a00:1450:4001:60::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f0d959c83bf0a2a3a766bbbe60820b83f3857f0f3894ec75e3a29be8f057f77a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 07:24:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 16:12:36 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/octet-stream
Content-Range: bytes 0-992097/992098
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 992098
Expires: Wed, 22 Feb 2023 07:24:23 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-4g5e6ns6.c.2mdn.net/videoplayback/id/c45e7b1ecafa1e51/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/3A51CE004629B182DF9D71FCE5EDB2FFE2C7B0CB.5CBC8EFD561A4E16AF4709DFEBFF9F8A9ABB4594/key/cms1/cms_redirect/yes/mh/6R/mip/2001:1b60:1010:2:1012:7052:2b0c:bd5c/mm/42/mn/sn-4g5e6ns6/ms/onc/mt/1677050061/mv/u/mvi/1/pl/36/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 663
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

206
Partial Content

file.mp4
r5---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm... Frame BCB4
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signatur...
https://r5---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,m...

128 KB
0

115ms
28ms

Media
application/octet-stream

2a00:1450:4001:4c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/643F7795989B5F14597886DC82DCEFF6D64C557D.29DA9FA3EFC0DD03394FE2D382441160D2B35B83/key/cms1/cms_redirect/yes/mh/Ud/mip/2001:1b60:1010:2:1012:7052:2b0c:bd5c/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1677050061/mv/u/mvi/5/pl/36/file/file.mp4

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

HTTP/1.1

Server

2a00:1450:4001:4c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 07:24:23 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Jan 2023 16:53:01 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: application/octet-stream
Content-Range: bytes 0-1423841/1423842
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1423842
Expires: Wed, 22 Feb 2023 07:24:23 GMT

Redirect headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r5---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/643F7795989B5F14597886DC82DCEFF6D64C557D.29DA9FA3EFC0DD03394FE2D382441160D2B35B83/key/cms1/cms_redirect/yes/mh/Ud/mip/2001:1b60:1010:2:1012:7052:2b0c:bd5c/mm/42/mn/sn-4g5e6nzs/ms/onc/mt/1677050061/mv/u/mvi/5/pl/36/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 663
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jivoxWidgetApiV2.min.js Show response
playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/ Frame 4FF7 29 KB
6 KB 31ms
28ms Script
application/x-javascript 108.138.5.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://playercdn.jivox.com/1651821427/widgets/jivoxWidgetApi/gz/jivoxWidgetApiV2.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.5.230 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-5-230.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 23:49:44 GMT
content-encoding: gzip
via: 1.1 6b85d8725dd6471c3db1f65d4096afc4.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 07:29:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 27280
etag: "2a0e0abd8f7f11fb012a534ea115a29a"
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
accept-ranges: bytes
content-length: 5987
x-amz-cf-id: Uk4-is62hI0sqiGuAYFr73W8Vcj27uPHGuZoqvUXo7-OhMjWKoY4Lg==

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 4FF7 236 KB
63 KB 135ms
35ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 22 Feb 2023 07:39:23 GMT

GET
H2 200 mazda_970x250_jvx.js Show response
assets.euw1.jivox.com/widgets/2023/1/a72798z63c7f19aab107/1/970x250_M2/ Frame 4FF7 26 KB
6 KB 102ms
29ms Script
application/x-javascript 13.32.99.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.euw1.jivox.com/widgets/2023/1/a72798z63c7f19aab107/1/970x250_M2/mazda_970x250_jvx.js
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-43.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2d93b3a9f4cfcfa52934e6ab74c5dec4c337976bc4ae137da6f9120b7d07acc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
date: Wed, 22 Feb 2023 07:04:06 GMT
last-modified: Wed, 18 Jan 2023 13:18:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 7882
x-amz-server-side-encryption: AES256
etag: W/"caccf17848067555ff8431a17395e4d5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=86400, s-maxage=86400
x-amz-cf-id: 7RT-acyovCG0tmigsDb6lRtzTSVq4prhp_BGVWs7C7fwYlJeGjlj0w==

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA6E 17 KB
6 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 07:24:23 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BCB4 17 KB
6 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 07:24:23 GMT

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4Mjc1MzAyNDYzL2FkYjEta2V5PTgwOC9hZGIxLWlkX3ZlcnNpb249Mjk3MDBfMS9iRGltPTk3MHgyNTAvcj0wLjUxNDY5Nzc0NDQ3OTM0NjEvZXNfZXQ9MS9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8r...
evs.euw1.jivox.com/trk/66/205954/2900/159897/961ee94c58df6c/29/jvxSId_1677050662.1634/es_pId_8a1b5e9/ Frame C56B 43 B
229 B 164ms
52ms Image
image/gif 54.77.206.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/66/205954/2900/159897/961ee94c58df6c/29/jvxSId_1677050662.1634/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4Mjc1MzAyNDYzL2FkYjEta2V5PTgwOC9hZGIxLWlkX3ZlcnNpb249Mjk3MDBfMS9iRGltPTk3MHgyNTAvcj0wLjUxNDY5Nzc0NDQ3OTM0NjEvZXNfZXQ9MS9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2RheV9OaWdodF9Cb25kX3doaXRlX3Y0L2VzX3NlZ05hbWU9R2VuZXJpY19XZWVrZGF5X05pZ2h0
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.206.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-206-57.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:23 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4Mjc1MzAyNDYzL2FkYjEta2V5PTgwOC9hZGIxLWlkX3ZlcnNpb249Mjk3MDBfMS9lc19jbGlja1VybD1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNE...
evs.euw1.jivox.com/trk/60/205954/2900/159897/961ee94c58df6c/29/jvxSId_1677050662.1634/es_pId_8a1b5e9/ Frame C56B 43 B
229 B 164ms
52ms Image
image/gif 54.77.206.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/60/205954/2900/159897/961ee94c58df6c/29/jvxSId_1677050662.1634/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4Mjc1MzAyNDYzL2FkYjEta2V5PTgwOC9hZGIxLWlkX3ZlcnNpb249Mjk3MDBfMS9lc19jbGlja1VybD1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ0dTZ0hKY1AxWS02UUlaV1BqdXdQMS11WHVBbXN0TEM2Ym9EbXd0dmRFTks1alBHLUFSQUJJTHZqaHlSZ2xmcndnWXdIb0FIbTQ5N3BBc2dCQ2FrQ3A0UXQ1Nkxoc1Q2b0F3R3FCT1VCVDlDTmg2N2NiNUZSUG12cUxQbVgxVFJnOEc3NzA0OEYyU2FzSFgwcjZ6YVNrMGFveEZCVENHZTlKcGJYM0VNNXVtZkZNUjNWQ282bmM2ajk5cGhzdmhmMnQ4ZTJXV0dUTzJ5Y0I0aUlUVXJTQ1VQWlVJWXpDNDk5WklUSlFfRllPN1FtT2JFa2poTFA0NzdxU0NIcGNwaVZUdmRRTmh0cGtSYzZNMnNPQmNldG8wVVhFUUZucnh5bk1STTBvZVI4Q1U3bTgzcGluVkdBUHR6cTZKSThqNFQ4eEZfQXBwS1N1d3MwOHhPUEI5N3J1NHNGUW0xM2VmZXA5ZUdXdU9pVnkyNDRuWmVkZlAtMnFqb2J6UjRORE9BQkNhNmMzeWxjRGlPM3VyVEFwOGxKVThkcFFjQUVuSXZCaUpBRTRBUURrQVlCb0FaTmdBZUNuS0dXQWFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CXy1lc1FLb0I5LWZzUUxZQndEU0NCRUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFJQUtBNWdMQWNnTEFZQU1BYkFUcnZfb0VkQVRBTmdURGRnVUFkQVZBZmdXQVlBWEFRJTI2YWUlM0QxJTI2bnVtJTNEMSUyNmNpZCUzRENBUVNPd0RVRTV5bW55eGJwMEZPZmpIM3RqbGozLVVWMWJrX21XTmtCV2lGYjRaYnZZeHhKUHQxXzdaWkIyV19UOTd6RUE1WnhyckhscF9IUDMySUdBRSUyNnNpZyUzREFPRDY0XzBpWENsYk4zaUpNNF8td2ZhaWxsS2NROWZQYkElMjZjbGllbnQlM0RjYS1wdWItMTMwMTU4MTU2MTc1NTIzNCUyNmRibV9jJTNEQUtBbWYtQWN2cG9SakthUnpWTmp6YUhwWWdXQjVwWmk0ODJWOXVFWHZKY0JMeEtzQ0ZuYXIwTC0tZzlWMElkdDBKYU14ZWw0M0F0MU50ZzAzOVZSOTNPcEk0VEhmUmo1S3N1V3lEUWtNdE5JY0lDUjlWVEJvZmk1eHpUMWtlckdZU3pEY0ItLWFnQ1oyOWpoSEwyZ3FiRHI5MmttU3ZNM3FUeHBDbnBJRzh4TDRIWTYxSTB6cGljJTI2Y3J5JTNEMSUyNmRibV9kJTNEQUtBbWYtQWJYdDVaSE03VTMzeDFIZF9NbGM5MGVtenE5eEtjeTN2U0JTX2hHVG9EOW1kdjJYQ3BCZU0yT2NtcHFYY3NaRzlEcUhJQnFKaWVkVE5yUnNiOFg5YWg3NVNrbV8zWGVZcGEwWUE5YlZDTlRNVURtTXFSWnZkbWkxc3FkR2NnOWZDQXhrcXA0UHZUVVVCRXNoekViVlpRb092RDdzcWdoRkR3QkpIV0lSQkJNSEFVZXl1bXlydGpaSGxHekhmTHd5UWh3TjlaaU8wRXUtYTl2S2g1ZEZ0bGwtRDBiNVZWcUczd3FzWEtvelYxRXRkd0poTnhvREpDWW5KWFVrRGVQYzN1ZnhFN0w2Z1o0VkpmSEk5M1FhNUtzNjN0d1EtVENHaFNlbEdsZUNHbDZSNms1LWhBWEU4S1FBdzh2LXd0c2hpWnItWlBEOVJHRFFVMmtjTy1HRGc1ektwb3NfLTE1TElDR2xtSzN5N3FFU29vZTJidEtUN1BCTWhaN2hCZ3NNVTBBczh6UWdMWXRteE8wT0c4dFNTRk5GSHJRWjAwZlJ5NC1aTmFiYWJnYVQwdUJmNTA5T0phNDk0ZEI3MnRlMXRvbjdZTWx2UTZLbC00bU8xSS1tM1FtSWd1emVQX1IxTUdKZTFRcm1VZlhEMFJPbTdvcU5uenNmczlQMWg4SnBiRXA2ZVdTMXktQVFNNFFRNHJvektZYjZOTFBjc3hVbmtocEk0Y2NiLUNZcmk0bnI0ekx2TVNHckdtN2RjMF92dkRQUlFPYUYwSTMzNVhsSlNqV1RKZGM0aGptS3g5S2EzSjEzaDR6bkszakJBR1lUQSUyNmFkdXJsJTNEaHR0cHMlMjUzQSUyNTJGJTI1MkZ3d3cubWF6ZGEuZGUlMjUyRm1vZGVsbGUlMjUyRm1hemRhLWN4LTYwJTI1MkYlMjUzRnV0bV9zb3VyY2UlMjUzRGRvdWJsZWNsaWNrJTI1MjZ1dG1fbWVkaXVtJTI1M0RkaXNwbGF5JTI1MjZ1dG1fY2FtcGFpZ24lMjUzRG1tZF9hbHdheXNfb25fZGNvX2N4NjBfd2VyYmVtaXR0ZWxfZGVfMTU3XzA5MjIlMjUyNm1vZGVsJTI1M0RtYXpkYSUyNTI1MjBjeC02MCUyNTI2Ym9keSUyNTNENXdnbiUyNTI2Y2FtcGFpZ25fZm9jdXMlMjUzRG1hemRhY3g2MF81d2duJTI1MjZkbXBfc291cmNlJTI1M0RubyUyNTI2ZGNvX3NvdXJjZSUyNTNEeWVzJTI1MjZjYW1wYWlnbmNvZGUlMjUzRG1tZF9hbHdheXNfb25fZGNvX2N4NjBfd2VyYmVtaXR0ZWxfZGVfMTU3XzA5MjIvY21Vcmw9aHR0cHMlM0ElMkYlMkZhc3NldHMuZXV3MS5qaXZveC5jb20lMkZ3aWRnZXRzJTJGMjAyMyUyRjElMkZhNzI3OTh6NjNjN2YxOWFhYjEwNyUyRjElMkY5NzB4MjUwX00yJTJGbWF6ZGFfOTcweDI1MC5odG1sL2JEaW09OTcweDI1MC9yPTAuOTE5NDg4NTUzMDkzNjU0Ny9jbGlja01hY3JvPWh0dHBzJTNBJTJGJTJGZ29vZ2xlYWRzLmcuZG91YmxlY2xpY2submV0JTJGZGJtJTJGY2xrJTNGc2ElM0RMJTI2YWklM0RDR1NnSEpjUDFZLTZRSVpXUGp1d1AxLXVYdUFtc3RMQzZib0Rtd3R2ZEVOSzVqUEctQVJBQklMdmpoeVJnbGZyd2dZd0hvQUhtNDk3L2NhY2hlTWFjcm89MTY3NzA1MDY2MTU0MjgzMC9wYWdlVXJsPWh0dHBzJTNBJTJGJTJGODI0ZTQ1OThkNjZlYzYxY2MwNzViNGVlYmY0YTg1OTIuc2FmZWZyYW1lLmdvb2dsZXN5bmRpY2F0aW9uLmNvbSUyRnNhZmVmcmFtZSUyRjEtMC00MCUyRmh0bWwlMkZjb250YWluZXIuaHRtbC9lc19jZ05hbWU9TU1ERV9NMiUzQURlZmF1bHRfbm8rbG9jYXRpb25fV2Vla2RheV9OaWdodF9Cb25kX3doaXRlX3Y0L2VzX3NlZ05hbWU9R2VuZXJpY19XZWVrZGF5X05pZ2h0
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.206.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-206-57.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:23 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4Mjc1MzAyNDYzL2FkYjEta2V5PTgwOC9hZGIxLWlkX3ZlcnNpb249Mjk3MDBfMS9lc19jbGlja1VybD1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNE...
evs.euw1.jivox.com/trk/77/205954/2900/159897/961ee94c58df6c/29/jvxSId_1677050662.1634/es_pId_8a1b5e9/ Frame C56B 43 B
230 B 163ms
51ms Image
image/gif 54.77.206.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/77/205954/2900/159897/961ee94c58df6c/29/jvxSId_1677050662.1634/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4Mjc1MzAyNDYzL2FkYjEta2V5PTgwOC9hZGIxLWlkX3ZlcnNpb249Mjk3MDBfMS9lc19jbGlja1VybD1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ0dTZ0hKY1AxWS02UUlaV1BqdXdQMS11WHVBbXN0TEM2Ym9EbXd0dmRFTks1alBHLUFSQUJJTHZqaHlSZ2xmcndnWXdIb0FIbTQ5N3BBc2dCQ2FrQ3A0UXQ1Nkxoc1Q2b0F3R3FCT1VCVDlDTmg2N2NiNUZSUG12cUxQbVgxVFJnOEc3NzA0OEYyU2FzSFgwcjZ6YVNrMGFveEZCVENHZTlKcGJYM0VNNXVtZkZNUjNWQ282bmM2ajk5cGhzdmhmMnQ4ZTJXV0dUTzJ5Y0I0aUlUVXJTQ1VQWlVJWXpDNDk5WklUSlFfRllPN1FtT2JFa2poTFA0NzdxU0NIcGNwaVZUdmRRTmh0cGtSYzZNMnNPQmNldG8wVVhFUUZucnh5bk1STTBvZVI4Q1U3bTgzcGluVkdBUHR6cTZKSThqNFQ4eEZfQXBwS1N1d3MwOHhPUEI5N3J1NHNGUW0xM2VmZXA5ZUdXdU9pVnkyNDRuWmVkZlAtMnFqb2J6UjRORE9BQkNhNmMzeWxjRGlPM3VyVEFwOGxKVThkcFFjQUVuSXZCaUpBRTRBUURrQVlCb0FaTmdBZUNuS0dXQWFnSGpzNGJxQWVUMkJ1b0ItNldzUUtvQl82ZXNRS29CNlNqc1FLb0I5WEpHNmdIcHI0YnFBZWFCcWdIODlFYnFBZVcyQnVvQjZxYnNRS29CXy1lc1FLb0I5LWZzUUxZQndEU0NCRUlnT0dBRUJBQkdCMHlBcW9DT2dLQVFJQUtBNWdMQWNnTEFZQU1BYkFUcnZfb0VkQVRBTmdURGRnVUFkQVZBZmdXQVlBWEFRJTI2YWUlM0QxJTI2bnVtJTNEMSUyNmNpZCUzRENBUVNPd0RVRTV5bW55eGJwMEZPZmpIM3RqbGozLVVWMWJrX21XTmtCV2lGYjRaYnZZeHhKUHQxXzdaWkIyV19UOTd6RUE1WnhyckhscF9IUDMySUdBRSUyNnNpZyUzREFPRDY0XzBpWENsYk4zaUpNNF8td2ZhaWxsS2NROWZQYkElMjZjbGllbnQlM0RjYS1wdWItMTMwMTU4MTU2MTc1NTIzNCUyNmRibV9jJTNEQUtBbWYtQWN2cG9SakthUnpWTmp6YUhwWWdXQjVwWmk0ODJWOXVFWHZKY0JMeEtzQ0ZuYXIwTC0tZzlWMElkdDBKYU14ZWw0M0F0MU50ZzAzOVZSOTNPcEk0VEhmUmo1S3N1V3lEUWtNdE5JY0lDUjlWVEJvZmk1eHpUMWtlckdZU3pEY0ItLWFnQ1oyOWpoSEwyZ3FiRHI5MmttU3ZNM3FUeHBDbnBJRzh4TDRIWTYxSTB6cGljJTI2Y3J5JTNEMSUyNmRibV9kJTNEQUtBbWYtQWJYdDVaSE03VTMzeDFIZF9NbGM5MGVtenE5eEtjeTN2U0JTX2hHVG9EOW1kdjJYQ3BCZU0yT2NtcHFYY3NaRzlEcUhJQnFKaWVkVE5yUnNiOFg5YWg3NVNrbV8zWGVZcGEwWUE5YlZDTlRNVURtTXFSWnZkbWkxc3FkR2NnOWZDQXhrcXA0UHZUVVVCRXNoekViVlpRb092RDdzcWdoRkR3QkpIV0lSQkJNSEFVZXl1bXlydGpaSGxHekhmTHd5UWh3TjlaaU8wRXUtYTl2S2g1ZEZ0bGwtRDBiNVZWcUczd3FzWEtvelYxRXRkd0poTnhvREpDWW5KWFVrRGVQYzN1ZnhFN0w2Z1o0VkpmSEk5M1FhNUtzNjN0d1EtVENHaFNlbEdsZUNHbDZSNms1LWhBWEU4S1FBdzh2LXd0c2hpWnItWlBEOVJHRFFVMmtjTy1HRGc1ektwb3NfLTE1TElDR2xtSzN5N3FFU29vZTJidEtUN1BCTWhaN2hCZ3NNVTBBczh6UWdMWXRteE8wT0c4dFNTRk5GSHJRWjAwZlJ5NC1aTmFiYWJnYVQwdUJmNTA5T0phNDk0ZEI3MnRlMXRvbjdZTWx2UTZLbC00bU8xSS1tM1FtSWd1emVQX1IxTUdKZTFRcm1VZlhEMFJPbTdvcU5uenNmczlQMWg4SnBiRXA2ZVdTMXktQVFNNFFRNHJvektZYjZOTFBjc3hVbmtocEk0Y2NiLUNZcmk0bnI0ekx2TVNHckdtN2RjMF92dkRQUlFPYUYwSTMzNVhsSlNqV1RKZGM0aGptS3g5S2EzSjEzaDR6bkszakJBR1lUQSUyNmFkdXJsJTNEaHR0cHMlMjUzQSUyNTJGJTI1MkZ3d3cubWF6ZGEuZGUlMjUyRm1vZGVsbGUlMjUyRm1hemRhLWN4LTYwJTI1MkYlMjUzRnV0bV9zb3VyY2UlMjUzRGRvdWJsZWNsaWNrJTI1MjZ1dG1fbWVkaXVtJTI1M0RkaXNwbGF5JTI1MjZ1dG1fY2FtcGFpZ24lMjUzRG1tZF9hbHdheXNfb25fZGNvX2N4NjBfd2VyYmVtaXR0ZWxfZGVfMTU3XzA5MjIlMjUyNm1vZGVsJTI1M0RtYXpkYSUyNTI1MjBjeC02MCUyNTI2Ym9keSUyNTNENXdnbiUyNTI2Y2FtcGFpZ25fZm9jdXMlMjUzRG1hemRhY3g2MF81d2duJTI1MjZkbXBfc291cmNlJTI1M0RubyUyNTI2ZGNvX3NvdXJjZSUyNTNEeWVzJTI1MjZjYW1wYWlnbmNvZGUlMjUzRG1tZF9hbHdheXNfb25fZGNvX2N4NjBfd2VyYmVtaXR0ZWxfZGVfMTU3XzA5MjIvY21Vcmw9aHR0cHMlM0ElMkYlMkZhc3NldHMuZXV3MS5qaXZveC5jb20lMkZ3aWRnZXRzJTJGMjAyMyUyRjElMkZhNzI3OTh6NjNjN2YxOWFhYjEwNyUyRjElMkY5NzB4MjUwX00yJTJGbWF6ZGFfOTcweDI1MC5odG1sL2JEaW09OTcweDI1MC9yPTAuMjkyMDk1Nzk2MzkxMzE1MzMvY2xpY2tNYWNybz1odHRwcyUzQSUyRiUyRmdvb2dsZWFkcy5nLmRvdWJsZWNsaWNrLm5ldCUyRmRibSUyRmNsayUzRnNhJTNETCUyNmFpJTNEQ0dTZ0hKY1AxWS02UUlaV1BqdXdQMS11WHVBbXN0TEM2Ym9EbXd0dmRFTks1alBHLUFSQUJJTHZqaHlSZ2xmcndnWXdIb0FIbTQ5Ny9jYWNoZU1hY3JvPTE2NzcwNTA2NjE1NDI4MzAvcGFnZVVybD1odHRwcyUzQSUyRiUyRjgyNGU0NTk4ZDY2ZWM2MWNjMDc1YjRlZWJmNGE4NTkyLnNhZmVmcmFtZS5nb29nbGVzeW5kaWNhdGlvbi5jb20lMkZzYWZlZnJhbWUlMkYxLTAtNDAlMkZodG1sJTJGY29udGFpbmVyLmh0bWwvZXNfY2dOYW1lPU1NREVfTTIlM0FEZWZhdWx0X25vK2xvY2F0aW9uX1dlZWtkYXlfTmlnaHRfQm9uZF93aGl0ZV92NC9lc19zZWdOYW1lPUdlbmVyaWNfV2Vla2RheV9OaWdodA==
Requested by: Host: as.euw1.jivox.com
URL: https://as.euw1.jivox.com/unit/layout_renderer.php?es_pId=8a1b5e9&isDynamic=1&campaignId=159897&gdpr_consent=&dspId=DBM&bDim=970x250&ap_DataSignal1=18275302463&jvxVer=2&gdpr=&bUnitId=2900&r=1677050661542830&cMacro=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCGSgHJcP1Y-6QIZWPjuwP1-uXuAmstLC6boDmwtvdENK5jPG-ARABILvjhyRglfrwgYwHoAHm497pAsgBCakCp4Qt56LhsT6oAwGqBOUBT9CNh67cb5FRPmvqLPmX1TRg8G77048F2SasHX0r6zaSk0aoxFBTCGe9JpbX3EM5umfFMR3VCo6nc6j99phsvhf2t8e2WWGTO2ycB4iITUrSCUPZUIYzC499ZITJQ_FYO7QmObEkjhLP477qSCHpcpiVTvdQNhtpkRc6M2sOBceto0UXEQFnrxynMRM0oeR8CU7m83pinVGAPtzq6JI8j4T8xF_AppKSuws08xOPB97ru4sFQm13efep9eGWuOiVy244nZedfP-2qjobzR4NDOABCa6c3ylcDiO3urTAp8lJU8dpQcAEnIvBiJAE4AQDkAYBoAZNgAeCnKGWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQIAKA5gLAcgLAYAMAbATrv_oEdATANgTDdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE%26sig%3DAOD64_0iXClbN3iJM4_-wfaillKcQ9fPbA%26client%3Dca-pub-1301581561755234%26dbm_c%3DAKAmf-AcvpoRjKaRzVNjzaHpYgWB5pZi482V9uEXvJcBLxKsCFnar0L--g9V0Idt0JaMxel43At1Ntg039VR93OpI4THfRj5KsuWyDQkMtNIcICR9VTBofi5xzT1kerGYSzDcB--agCZ29jhHL2gqbDr92kmSvM3qTxpCnpIG8xL4HY61I0zpic%26cry%3D1%26dbm_d%3DAKAmf-AbXt5ZHM7U33x1Hd_Mlc90emzq9xKcy3vSBS_hGToD9mdv2XCpBeM2OcmpqXcsZG9DqHIBqJiedTNrRsb8X9ah75Skm_3XeYpa0YA9bVCNTMUDmMqRZvdmi1sqdGcg9fCAxkqp4PvTUUBEshzEbVZQoOvD7sqghFDwBJHWIRBBMHAUeyumyrtjZHlGzHfLwyQhwN9ZiO0Eu-a9vKh5dFtll-D0b5VVqG3wqsXKozV1EtdwJhNxoDJCYnJXUkDePc3ufxE7L6gZ4VJfHI93Qa5Ks63twQ-TCGhSelGleCGl6R6k5-hAXE8KQAw8v-wtshiZr-ZPD9RGDQU2kcO-GDg5zKpos_-15LICGlmK3y7qESooe2btKT7PBMhZ7hBgsMU0As8zQgLYtmxO0OG8tSSFNFHrQZ00fRy4-ZNababgaT0uBf509OJa494dB72te1ton7YMlvQ6Kl-4mO1I-m3QmIguzeP_R1MGJe1QrmUfXD0ROm7oqNnzsfs9P1h8JpbEp6eWS1y-AQM4QQ4rozKYb6NLPcsxUnkhpI4ccb-CYri4nr4zLvMSGrGm7dc0_vvDPRQOaF0I335XlJSjWTJdc4hjmKx9Ka3J13h4znK3jBAGYTA%26adurl%3D&us_privacy=%24%7BUS_PRIVACY%7D&ts_pId=8a1b5e9&siteId=961ee94c58df6c&creativeUnitType=29&objectName=jvx_63f5c32650051&adUnitId=2900&jvxSessionId=1677050662.1634&base=1&creativeResolveBeginTime=1677050662000&omid=0&localTimeOffset=0&pageURL=https%3A%2F%2F824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&allowExp=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.206.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-206-57.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.euw1.jivox.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:23 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H3 200 prod_studio_01_247_videomodule.js Show response
s0.2mdn.net/879366/ Frame BCB4 13 KB
5 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_247_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78b8b9c06e8648b397191402eb4ca35c9a83400e71f2338c84f2ef1393ef32cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2157933954622124474/index.html?e=69&leftOffset=0&topOffset=0&c=8kAvSoNE8a&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 05:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Feb 2023 05:21:12 GMT

GET
H3 200 prod_studio_01_247_videomodule.js Show response
s0.2mdn.net/879366/ Frame BA6E 13 KB
5 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_247_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78b8b9c06e8648b397191402eb4ca35c9a83400e71f2338c84f2ef1393ef32cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8640819543681742274/index.html?e=69&leftOffset=0&topOffset=0&c=uFn9ogFgtV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 05:21:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7391
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5003
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 23 Feb 2023 05:21:12 GMT

GET
H2 200 live.js Show response
cstudio.aiqua.in/id/58e55a2f-0ca3-49a9-b5b1-1a31ff2a9016/ 183 KB
57 KB 191ms
56ms Script
text/html 2600:9000:2251:b000:5:2377:b1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cstudio.aiqua.in/id/58e55a2f-0ca3-49a9-b5b1-1a31ff2a9016/live.js?aiq_v=2023-02-21T10%3A08%3A08.099Z
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/v3/r/aiqua.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:b000:5:2377:b1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 0b558d4ee57424d16a594b12b2058000366e90eb3bd33fb5c60d98796267fa3d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 11:25:39 GMT
content-encoding: gzip
via: 1.1 6bf2ca4ea5a5c92a1d7cd2f9767e8674.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
age: 71924
etag: W/"2dd7e-aW15hSMaj9b7H47k5OJ9woViTf8"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/html; charset=utf-8
access-control-allow-origin: *
x-cache: Hit from cloudfront
cache-control: public, max-age=30
access-control-allow-headers: Content-Type,Authorization,x-requested-with
x-amz-cf-id: cVkirSxZE5kWJzdqXCxkCnXV7otdsQ7CvSXnqwLXQ1nyNhOxDYH45g==

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 71AD 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:30:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D4FE 0
20 B 64ms
64ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B4RO1JsP1Y_qPFvC89u8PvsKH-AQAAAAAOAHgBAI&bg=!1dal1oLNAAZYlHKzeJQ7ADkAdvg8Wq2mkVfLqVbNfreRna2epnOYXxZELJU2QRORrkv7p7Q1xUQJ4FL68G_d7YyWMTVyXbUUsIICAAABZ1IAAAACaAEHmQLuxuInjeE0vPE4C_lL2KAbT8qyDDIwiU2Z-7meNLtm3sxJUdDbuqSoqrduOio9bqpPYOhSB7x1BD2oEqvQGejpI9VQX8ahVrBOsbeeVpGBS4ZTYnC93dbWMlFYWXM4DlQxb47WRQe4ggyW9AbcNFUMFUOSdKXmGvoMjGAZDyM74HpnleGWTWQtDl6yL7C1CU_loYi0TtnDYduRcvfmy1_QPVnLcCj2KDZc0c3-K02j2smhptbNYLJSQNIA4Sk5pRfMLLQ5Llbhuq0F7eTz1LNtf_QB_2ocWLwXEZ0g1o6-9dATwYd5A1w33F2O3miF3mcElSvcLsgmhB-n1X5Si7w7FqSUGpJZPRrxfbbHj3-UMaqZgU2XY8l1DraXZ9u4hcjkNE6YwxnlpkvPsQO07Y0sok12e2AmYjdKKGggHJQao0-mTlwPpKF0gLnc5KSeWss5fWx83Jgy5v9H8ngwwp_6lcnskwj6UnJC7SpGNWUZ3Zcwhl_IClBBX2Ucpgrd5AZyn2DyP9JzdegRuquiZxjw4z6jxgT92Nv_ZPIIx2ulizuUatzYsATZZlxZNRTfAhwQ7OS0RUarcp1NDDUK5QlXFWIPvsJQQG059-lzPnD5Erwiu-pG8kCRKHxNbisY_BZcLXQOczzbW45BULlpWAVo9fhxRcVJ2ULkGUUZAGcdmRJ8ULJozXGafi5HLjhiBJzc3CL0YLtP2MuG4AudLZ3Bmrimp8o09BqJmL-sEoymmzV_mvPrfVMngf4LyjunrsH0xEUMklzKhlnsl-QgsS1-Il7ja5lR32kvV_g21bvtD4MkCknAX54TKmS4qv2C4xA6eJYmG5lKVFBIxXbFMSn_KQ65n9_DSwYV-iVaw7M50P6--w7DSzHv0jvpuCdIaD8j_mKg9ZXTpcFq3O4HnTk9wBUAg-VxOi-IOo0QUYH_DJAaf5qe-4yv1b5DifIp0el5FDFW9MlyXVYYe7yA61z8UJdqfw9Cxb2k7RGQRt-U

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E4D 36 KB
14 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:30:08 GMT

GET 2021_CX-60_GER_LHD_C122_EXT_FQ_White_High_Japanese_Premium_WhiteLeather_Home_till20240131.jpg
cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame1/ Frame 4FF7 0
0

GET
H2 200 es_encParams_L2FwX0RhdGFTaWduYWwxPTE4Mjc1MzAyNDYzL2FkYjEta2V5PTgwOC9hZGIxLWlkX3ZlcnNpb249Mjk3MDBfMS9lc19ldD0xL2JEaW09OTcweDI1MC9qdnhSYW5kb209MC41NzcxNjQyNjUzODI4NDc5L2VzX2NnTmFtZT1NTURFX00yJTNBRGVm...
evs.euw1.jivox.com/trk/72/205954/2900/159897/961ee94c58df6c/29/jvxSId_1677050662.1634/es_pId_8a1b5e9/ Frame 8C08 43 B
229 B 52ms
51ms Image
image/gif 54.77.206.57
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://evs.euw1.jivox.com/trk/72/205954/2900/159897/961ee94c58df6c/29/jvxSId_1677050662.1634/es_pId_8a1b5e9/es_encParams_L2FwX0RhdGFTaWduYWwxPTE4Mjc1MzAyNDYzL2FkYjEta2V5PTgwOC9hZGIxLWlkX3ZlcnNpb249Mjk3MDBfMS9lc19ldD0xL2JEaW09OTcweDI1MC9qdnhSYW5kb209MC41NzcxNjQyNjUzODI4NDc5L2VzX2NnTmFtZT1NTURFX00yJTNBRGVmYXVsdF9ubytsb2NhdGlvbl9XZWVrZGF5X05pZ2h0X0JvbmRfd2hpdGVfdjQvZXNfc2VnTmFtZT1HZW5lcmljX1dlZWtkYXlfTmlnaHQ=
Requested by: Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.206.57 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-206-57.eu-west-1.compute.amazonaws.com
Software: akka-http/10.1.11 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:23 GMT
access-control-allow-credentials: false
content-type: image/gif
server: akka-http/10.1.11
content-length: 43
p3p: CP='IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA'

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B9A 0
20 B 64ms
63ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BNw8PJsP1Y9iDG8H33wPegLX4DwAAAAA4AeAEAg&bg=!q6ilqPzNAAZYlHKzeJQ7ADkAdvg8Wk5agd2mula9NiPTSdZvr66ch873H_kOFRQrBRw6TWgGpvXC0xNUQrxqmTrmts9EnueOB0kCAAABcVIAAAACaAEHmQLh8UwB8fIERSfL8wOOUyrH-Wb-tmhKJHX6D6CKhqu5AJCkL8u-Wic1LhRWmyFheSqRY13Qjboqr_mJJdABcz0R46gbC8lVnENmBcXcL207hqUl0zw_xuZFYVPCdcNffCi4y4F-4s0BGK0tdBmxzGSeR2LKx2F6k2DzhBKqidNyUyp1BHBlyVe3lCTYExjARM-XECGIwDjcGqHuvU90gWh2EDaglvoR1nRgIN1K-iLkpGySXFh8ZfFMBvP2P8H30QcJrXphW-QXW9UKLADDFQ8RoCG1frGda2UxNw6aD2O-kF66HPcr8lpNDPsv1cBE86ZDJq93JvC6KRSlOYM-we7NdD8Jq9XGxv_FeMtiepO4otlB3sjjotvRcj6a5-Jsz9o40P9LHTyQOugOXTlp1msqBgZRXCnj8jqYHvsaLquvlFbCTIefwxZDKKugxqwgvPOk2Bp6g2EuPxPmqvWNnar_cULuUJ2h9ZIba-aWkCKoHL6kfUw3osTquVzHMneSjEMVXzdx1mxL5hR3L1xUiIu8GzTH-DR-xlBMNcnrRscIXnktbpS5TFYJ-H66IAKcZ2P0AnTnHB7oeCeqlLDESCV6dV6mG4bosLus0PZCpwf76JHSfviqX5a5BvNWH9s3V7zg7SIUSeM-zibqe9UsvbxqhMCwyxiNAj4DvDHvfeF1VVbBRrVcycx5A--wUeizL5SovP_5pHfOqSKvnuVe8CLrXRXjwaJqNjyz2VbiLMh3BvDbtcAUIaHmFP6ofjpJ9k_kzeStTwxjEyOI4K_ZOS2XVAPkjrO9Y47CBXLTXbDTMJZcqGztPAUDa_N5g5yZid0msJC-EKvohhx_upAHE-vHmBR6Dlu-9WxU7BfAWlYigDVkMbCjzx1cUmBoml_kEAnBw4bt0wlr5Oz3Bm5X3KLmJLuuGpGC6R-DMhLbbrgwnEQWDCroaxuQVLT5bDCPstyySCjX3VtKIed2i3XyTaLPk1k

Requested by

Host: 824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
URL: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C55A 0
20 B 63ms
63ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BI_LJJsP1Y8fiGbXa7_UPqPKqiA4AAAAAOAHgBAI&bg=!R0SlRBDNAAZYlHKzeJQ7ADkAdvg8WrAlwEZEky_wYo4dBaMFjepXVkpbIllyCvMhe2LH5vWCDfB0skATo4E_0enfF2LyQBtjCGcCAAABXVIAAAADaAEHmQMCUlsgapU41DQZhMX51sKWiH0gtCS0rsRNSfPzG1TgiWVfPdawpZWDsLWDEP6Ee0Rt_fuWXBiFRy087S5Gren84oTjmCnoe-uHjB-GCHb2BC2M4uKWhY5mcEGAIBM5jOqV5yNqSEETchea-WjW7Y63KvmaA9j0_NOv9oRncusl89stjJ7GAykts64qoEYZxMUiyaloXd6SQbqVWLqcJsCSDpWDQ-QLF-Lwld5X64tenm_D7WhTPj4mx0ODuXclgBGJLZkf_vn2XfFdzjLauGxfOgpfpyKyANwsgnxqnDQLTzDjZC07ni2HEUjvUMozftZd1FBE4DmneTiPSBPGkRgJsJ9W5aST834c8qg8CVcL9xhRQwt26pCcH9QvptPayfxZospvtVmHVGIYs_BLNV86DLqsaMarpcjhYQxzPmNNNS4upAwRV0qJ1Vwh5n3ZG3lj9mbpQsxOVCPMPL_lfvR0XqdVp5AGNynt29b9XatudL9HceGSOPfW54lW1VnmuHOiN9-EE2oTBJT3KrIQgAU7S1MjdorKm-MnqcGx5kYQCZmRkmsId6fGRNKArvWpyG2oVcbNXJuYAyEwVX7iL7U82f2fkgFXrsaEUfOhR7TFCMLCleVmlMS-K4eobxik1H6edYoA6X1kqVnzdo3_a3sVFaTiCJSyvMlH07ei7Rzs1mxHhR5QkEzWe-j4SfANP44J8tXh1ZaFt32keVE-ssByr5Sz9_UAnWeNEAG39_LCjSqIpfRHCchJatn-2fcw9KfexE0faqU6XNE6CskMeKZQjVd_-WPWhzltUSnQ5k3t0tArEKJNVbl7pZ2kvUSEC4x8CYqZt3bQXii0NBK3DCDXsuRD-ukT1MuHrgvEJ929689dki6b9md3QQ_haazG2N-XS6In7kcL-DLcaOMMum-fBBj2TEKaWFjt8NcbABDy4qvvCovucAtvhRHFoiija0HneHex5imQx-5yCsPjjdMP5e2rgUe9EZTzljJp3EjOLsS79blnRERbArKcA8oSqSFhwak

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r5---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm... Frame BCB4 14 KB
14 KB 65ms
27ms Media
application/octet-stream 2a00:1450:4001:4c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

6b9678dbe5f50b70f5aebe2a43346636fc5c4768c48625f90523cd0eadd174c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=1409024-

Response headers

client-protocol: quic
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Jan 2023 16:53:01 GMT
server: gvs 1.0
vary: Origin
content-type: application/octet-stream
Content-Range: bytes 1409024-1423841/1423842
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 14818
expires: Wed, 22 Feb 2023 07:24:23 GMT

GET
H2 200 dc_oe=ChMI-rqAyMyo_QIVcJ79Bx0-4QFPEAAYACDV9LdYQhMIrLfOx8yo_QIVlYeDBx3X9QWX;met=1;&timestamp=1677050663460;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame FFA2 42 B
107 B 146ms
65ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI-rqAyMyo_QIVcJ79Bx0-4QFPEAAYACDV9LdYQhMIrLfOx8yo_QIVlYeDBx3X9QWX;met=1;&timestamp=1677050663460;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 6nk9ELeiWIfZJlE77J9jaZIvhb4her.png
cdn.giosgusercontent.com/assets/7802/ 2 KB
3 KB 121ms
29ms Image
image/png 2600:9000:2250:b600:9:f3c8:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.giosgusercontent.com/assets/7802/6nk9ELeiWIfZJlE77J9jaZIvhb4her.png
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b600:9:f3c8:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fd37a3df770e40d2d5f2671539dff5aa57315db53de1055e36588b82a91af9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 11:23:41 GMT
x-amz-version-id: .8gOzhWpTJqQ2UrVaI3FQzSO_DQPgfMe
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 04:50:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 72043
etag: "de804a622ea0dc72bb513ddb0e180b4a"
x-cache: Hit from cloudfront
content-type: image/png; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2517
x-amz-cf-id: HBE2UclHZJJNK9vMc7s4osQUlv7c6QQr3rRMUi78B8Roii-wELkXOg==

GET
H2 200 BnRRWe9SnK5J1WpJWmCIC2ig3UXiLM.png
cdn.giosgusercontent.com/assets/7802/ 2 KB
3 KB 122ms
30ms Image
image/png 2600:9000:2250:b600:9:f3c8:9b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.giosgusercontent.com/assets/7802/BnRRWe9SnK5J1WpJWmCIC2ig3UXiLM.png
Requested by: Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:b600:9:f3c8:9b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 48afa46ac9db406546fea2a79506797a34e55fd10efdb64a18b531a568e95170

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 11:25:43 GMT
x-amz-version-id: DPbg9b5Qb_vmk5ESWC1Z6d8WaQNtdtGm
via: 1.1 db1cc9ceb7681bf2a56c0f22acac3a36.cloudfront.net (CloudFront)
last-modified: Mon, 19 Sep 2022 04:51:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 71921
etag: "0438e42784f340e47bdeba2b3862450c"
x-cache: Hit from cloudfront
content-type: image/png; charset=utf-8
cache-control: public, max-age=31536000
accept-ranges: bytes
content-length: 2548
x-amz-cf-id: FETcZQMBry4RL5F_pqU44gnU8eIts-1GVxF76gghgUPjOeOsyqE6jA==

GET
H3 206 file.mp4
r5---sn-4g5e6nzs.c.2mdn.net/videoplayback/id/e8512a6a90c8dc86/itag/15/source/doubleclick/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1708586662/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm... Frame BCB4 1 MB
1 MB 27ms
27ms Media
application/octet-stream 2a00:1450:4001:4c::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:4c::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

4ca77bf7110b17e2a82dd563e65a3e3c210cf0d48a60ce12625300aa672c7639

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Range: bytes=98304-

Response headers

client-protocol: quic
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Jan 2023 16:53:01 GMT
server: gvs 1.0
vary: Origin
content-type: application/octet-stream
Content-Range: bytes 98304-1423841/1423842
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1325538
expires: Wed, 22 Feb 2023 07:24:23 GMT

POST
H2 201 external
api.giosg.com/events/v2/store/ 2 B
321 B 137ms
41ms Ping
application/json 178.63.219.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.giosg.com/events/v2/store/external

Requested by

Host: cstudio.aiqua.in
URL: https://cstudio.aiqua.in/id/58e55a2f-0ca3-49a9-b5b1-1a31ff2a9016/live.js?aiq_v=2023-02-21T10%3A08%3A08.099Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

openresty /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: openresty
cross-origin-opener-policy: same-origin
allow: POST, OPTIONS
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
content-length: 2

POST
H2 201 external
api.giosg.com/events/v2/store/ 2 B
321 B 138ms
43ms Ping
application/json 178.63.219.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.giosg.com/events/v2/store/external

Requested by

Host: cstudio.aiqua.in
URL: https://cstudio.aiqua.in/id/58e55a2f-0ca3-49a9-b5b1-1a31ff2a9016/live.js?aiq_v=2023-02-21T10%3A08%3A08.099Z

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

service.giosg.com

Software

openresty /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
referrer-policy: same-origin
server: openresty
cross-origin-opener-policy: same-origin
allow: POST, OPTIONS
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
content-length: 2

OPTIONS
H2 200 external
api.giosg.com/events/v2/store/ Frame 0
0 128ms
40ms Preflight
text/html 178.63.219.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.giosg.com/events/v2/store/external
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: service.giosg.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.elle.com
content-type: text/html
date: Wed, 22 Feb 2023 07:24:23 GMT
server: openresty

OPTIONS
H2 200 external
api.giosg.com/events/v2/store/ Frame 0
0 128ms
40ms Preflight
text/html 178.63.219.113
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.giosg.com/events/v2/store/external
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.63.219.113 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: service.giosg.com
Software: openresty /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.elle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.elle.com
content-type: text/html
date: Wed, 22 Feb 2023 07:24:23 GMT
server: openresty

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FFA2 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_1JI0FJ4oJiE3ZcU2WYnT7n9sMQKkU7kekX4JGf6QwIZW2vZ8GdQ6naUjgQ_cAZuVGPs4YFHbrzWj3A2je7_q8PRYtPR31QkwJUC_l0XXireX9QIU7JkD8Bx0SD8kwgSaq37RpA&sai=AMfl-YTPVLan-5iZ3lFtpXkmx2dor3nukgAsBGAAUrusXduFWxSZ-5U2YT-09EEE6xgWfZVV5sRSOGMriLUlkwTa6XDWsACFwUgAlI1pFoHuKpn6li3Jw-OYXsYjxrs&sig=Cg0ArKJSzJkhLgPW7k4NEAE&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&id=lidar2&mcvt=1008&p=301,315,551,1285&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1057573399&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677050661996&rpt=511&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIx42EyMyo_QIVNe27CB0ouQrhEAAYACDY9LdYQhMIr7fOx8yo_QIVlYeDBx3X9QWX;met=1;&timestamp=1677050663534;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame FD39 42 B
401 B 72ms
64ms Image
image/gif 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIx42EyMyo_QIVNe27CB0ouQrhEAAYACDY9LdYQhMIr7fOx8yo_QIVlYeDBx3X9QWX;met=1;&timestamp=1677050663534;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=0;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Requested by

Host: www.elle.com
URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 front-row-1676979057.png
hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/ 526 B
725 B 28ms
27ms Image
image/png 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hips.hearstapps.com/hmg-prod.s3.amazonaws.com/images/front-row-1676979057.png?crop=1.00xw:1.00xh;0,0&resize=480:*&frame=1&lqip=yes
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 895f72c77833ea0184bccbe5cfa597b9493bcc2e7feef12976aa270f06d88d8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
x-image-dimensions: 480:240
x-canonical-ops: crop=2560:1280;0,0&resize=480:240
age: 71542
x-source-image-dimensions: 2560:1280
content-type: image/png
access-control-allow-origin: *
x-cache: HIT, HIT
cache-control: max-age=31536000, stale-while-revalidate=604800
x-animated: 0
accept-ranges: bytes
x-robots-tag: all
timing-allow-origin: *
content-length: 526

GET
H2 200 affiliatedisclaimer.7eba329.js Show response
assets.hearstapps.com/assets/dist/js/shared/modules/ 1 KB
1 KB 29ms
26ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/modules/affiliatedisclaimer.7eba329.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: ed35d124de5ef9b55812676e1151522849add4185b7437c0c3973f7a64e3e0a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 44kF.ThMJxzUUDRlnq0yCFfW36UC__sL
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:23 GMT
x-amz-request-id: J5SJKPKZRG568V85
age: 16990392
x-cache: HIT, HIT
content-length: 749
x-amz-id-2: e+q6rXtqvytTeLBEt9KhTLmHhcem2J5XpTp32aYZOsgvGlLvJFKK3u46+h7KT6w58Z/f0UubSNw=
last-modified: Mon, 01 Aug 2022 18:22:03 GMT
etag: "defcc3ef66dce0dde362f91ccac01864"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Wed, 09 Aug 2023 21:39:58 GMT

GET
H2 200 contenthistory.6d91faa.js Show response
assets.hearstapps.com/assets/dist/js/shared/shared/ 1 KB
1015 B 30ms
27ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/shared/contenthistory.6d91faa.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 63f45fba9ccad5a943b7be5046f47423f98ff6a6b0892046c3848fc430e56d63

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: jmxK8LUottm0Dr4zG7PUnxKaIbqatYWK
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:23 GMT
x-amz-request-id: BXFKZE2KQ0FXA0E4
age: 17624335
x-cache: HIT, HIT
content-length: 774
x-amz-id-2: ZSM5kd6ygw8QmcIOabK0RvhsqSkm0ekH2YugZGaRF5fJ/Vo5N58RbFkCZPNlIFtjYWQUa6UZKNY=
last-modified: Mon, 01 Aug 2022 18:22:05 GMT
etag: "6c95a16ce59f0cbcbfc79cac6da021ac"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Wed, 02 Aug 2023 13:34:13 GMT

GET
H2 200 relatedmodules.35913f3.js Show response
assets.hearstapps.com/assets/dist/js/shared/modules/ 2 KB
1 KB 30ms
27ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/modules/relatedmodules.35913f3.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0f9b028b30956a3b91b5208462a20c5258fe8282a5968a15fe2895497948cad5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: g.lESY26l.02B6ubIpexmXVhdIg4hWaY
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:23 GMT
x-amz-request-id: 5AHQ7XVNMPZ6P3CK
age: 7158426
x-cache: HIT, HIT
content-length: 986
x-amz-id-2: HyDM7Xe26Uq+vp3rN3o8PI7XKyXe6qW6Mz5FEVA7t2PZZCviWcpHD0AyxYot9J82XzR33C/JQYk=
last-modified: Wed, 30 Nov 2022 15:07:44 GMT
etag: "54cf042431355b670cf1d83e22b25cd2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 01 Dec 2023 16:46:03 GMT

GET
H2 200 rightrail.76224fa.js Show response
assets.hearstapps.com/assets/dist/js/shared/modules/ 1 KB
924 B 33ms
30ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/modules/rightrail.76224fa.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c0eca8614d1e0a89e50f4290f8b4104e4fdbc08d3368c63fa6b44f01e001102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: AhBbS3AVt3EHUbVczh4yGgym8uOnzMFw
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:23 GMT
x-amz-request-id: N60JYWBNNZB2M2ZF
age: 12088861
x-cache: HIT, HIT
content-length: 651
x-amz-id-2: nPgU24R7vZpA2BIICdBamgS5pcOAyDs7WkrnHqHJHmCQmsBXGP4LHWvhTG3GhHX/ndlW1ucj4ts=
last-modified: Tue, 04 Oct 2022 18:14:47 GMT
etag: "e4be4d168d632b745956279f05096e8d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Thu, 05 Oct 2023 15:12:10 GMT

GET
H2 200 socialbutton.d7a9f33.js Show response
assets.hearstapps.com/assets/dist/js/shared/modules/ 3 KB
2 KB 36ms
34ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/modules/socialbutton.d7a9f33.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a54684c60fff38019ec33d45ef6038ea34fb5f48593c72bd272c5687cc50f740

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: ywOkcpxJkyDRFC8F4M3zPXypGt3GVcVK
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:23 GMT
x-amz-request-id: 4SB7MBSXE5W87FS0
age: 4284256
x-cache: HIT, HIT
content-length: 1405
x-amz-id-2: tItq/8YAy39xN8en/NWZdW650Jbfldyw2L84Ajdg+Zfj9YHDmnUFvmcpDeDxss4sWCpODmZMXLM=
last-modified: Tue, 03 Jan 2023 17:04:00 GMT
etag: "b0786ad7d26f83cff8fc6bf36d59d5ff"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Wed, 03 Jan 2024 23:08:54 GMT

GET
H2 200 jumptorecipe.5cd48da.js Show response
assets.hearstapps.com/assets/dist/js/shared/modules/ 874 B
729 B 33ms
31ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/modules/jumptorecipe.5cd48da.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 53b65b69e6d5f663f1c13d2c4ebce6a6d2a2add77644661deeadd5120c8c8502

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: teO2NZ6BMfGnXlP7L4RHw39CX.kAzTmZ
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:23 GMT
x-amz-request-id: X72J689H0WHGXPVK
age: 12162987
x-cache: HIT, HIT
content-length: 488
x-amz-id-2: 0uMDLPiiWuZROn1rXuGWatNG5EdRSSAII6a2QyPcmTCsQ1JmsOXoIwpkB2TiAMrFKp3n00NQ5Ww=
last-modified: Mon, 03 Oct 2022 14:37:37 GMT
etag: "119dec6fd4cf9c410d2108713bb8195a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Wed, 04 Oct 2023 18:36:43 GMT

GET
H2 200 stickyads.8c2ec03.js Show response
assets.hearstapps.com/assets/dist/js/shared/modules/ 5 KB
2 KB 30ms
29ms Script
application/javascript 151.101.64.155
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.hearstapps.com/assets/dist/js/shared/modules/stickyads.8c2ec03.js
Requested by: Host: assets.hearstapps.com
URL: https://assets.hearstapps.com/assets/dist/js/article.01439a6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.64.155 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 77e87d75903086d846f3d99ec6fa0fb57103bf291a3b64694d7fb092479128f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: e5sPKJPjahmruBfNpqZ9hm4r7wZcfkQY
content-encoding: gzip
date: Wed, 22 Feb 2023 07:24:23 GMT
x-amz-request-id: T0PNB8628MH1MG5Q
age: 18023658
x-cache: HIT, HIT
content-length: 1931
x-amz-id-2: wHaO0ifEC8eb8rrrBdxRsQVI8vvQyqXUSgRp8Gbw/NBhE788hks1dVY5YLGjUFasgtchI6fEakE=
last-modified: Thu, 28 Jul 2022 16:32:19 GMT
etag: "2c1f3a06c155925bebe22c8ba8fb10ad"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
expires: Fri, 28 Jul 2023 22:38:51 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 159ms
52ms Script
application/x-javascript 2a03:2880:f042:110:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:110:face:b00c:0:3 Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Feb 2023 07:24:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 7pItou1xXRMOe+UYpkRLTs49GKiYgwdk1evC/gH4xwzj0v3pGzwHEpAB13cpgQXF7prnWANF85rulD7D7OnpBQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 512678718
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 72ms
71ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-777017613

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82e09424d0728b4a8fe385beeead94931ada1671102034aa0b601130fc3ab360

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50785
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Feb 2023 07:24:23 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 129 KB
50 KB 76ms
76ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-777017613&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-4080264-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c1c699539291c57484493fa2d8a38caf5db6d2f40cea88139f7c1c301d50bc08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50798
x-xss-protection: 0
last-modified: Wed, 22 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 22 Feb 2023 07:24:23 GMT

GET
H2 200 gwiq.js Show response
gwiqcdn.globalwebindex.net/gwiq/ 6 KB
6 KB 127ms
28ms Script
application/javascript 35.201.93.216
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.93.216 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 216.93.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 06:47:31 GMT
age: 2212
x-guploader-uploadid: ADPycdvLRX9jkhgqHu4pEmz0zh3mc2gD10E68T97BwpV2LDma0N55ukwA2i6Q7JUQPlc8C1cr9_FoolystVcFmbNtAIfI-bKTHGG
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5766
last-modified: Wed, 15 Apr 2020 08:49:27 GMT
server: UploadServer
etag: "aba61abde9777087262fb27526ba1ef6"
vary: X-Goog-Allowed-Resources
x-goog-generation: 1586940567400828
x-goog-hash: crc32c=yYfjgA==, md5=q6Yavel3cIcmL7J1Jroe9g==
content-type: application/javascript
cache-control: public, max-age=3600
x-goog-stored-content-length: 5766
accept-ranges: bytes
expires: Wed, 22 Feb 2023 07:47:31 GMT

GET
H/1.1 200
OK plugin.min.js Show response
static.dable.io/dist/ 110 KB
40 KB 135ms
31ms Script
application/javascript 184.24.177.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.177.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-177-89.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 61da64dc2b93e63c044441f7a92d90a4c651fa5ece0fb764181c23311c60e273

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: HX1q6Tlyl9nOv4_diUtmw8qoSH8R.n8E
Content-Encoding: gzip
Date: Wed, 22 Feb 2023 07:24:23 GMT
Last-Modified: Wed, 22 Feb 2023 01:13:00 GMT
Server: nginx/1.20.0
x-amz-request-id: 7212NE6SWWRCM7AM
ETag: "5fd909678079b07e89821db9f3967fb4"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=71398
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 40158
x-amz-id-2: fbl6hmWE7SaejteVwUZIHXRR9HF5eKRkWgRgVTMTRuKmI9KKkA6RiIzYFjta4nIh/utRyh8Hp+Y=

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 98 KB
33 KB 129ms
32ms Script
application/javascript 18.66.112.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/Bootstrap.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.84 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-84.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:22:33 GMT
content-encoding: gzip
via: 1.1 eb6e5773d654b9aeadbed8169564506c.cloudfront.net (CloudFront)
last-modified: Wed, 11 Jan 2023 16:08:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 110
etag: W/"be0aea74754407f0a826a84e140dd5ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: maOKMGIKYML7hw5H2H_1oidtAmKYsyn0XiFxmgAK6ThOgTkLn3aRxQ==

GET
H/1.1 200
OK signup-module Show response
link.elle.com.tw/join/5sy/ Frame DCA4 9 KB
4 KB 565ms
161ms Document
text/html 3.226.166.212

General

Check archive.org

Show headers Download Go to

Full URL

https://link.elle.com.tw/join/5sy/signup-module

Requested by

Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.226.166.212 -, , ASN (),

Reverse DNS

Software

Sailthru /

Resource Hash

c6af70ddecf303e9343e24c545b11a9df64249133f2ac0e494a59cf2a4070126

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

connection: close
content-encoding: gzip
content-length: 3889
content-type: text/html; charset=UTF-8
date: Wed, 22 Feb 2023 07:24:24 GMT
server: Sailthru
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK elle_tw.js
api.popin.cc/searchbox/ 159 KB
0 1932ms
1009ms Script
text/javascript 119.63.193.220

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/elle_tw.js
Requested by: Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/mag-tw/code/d169d732ef2343ec5c0c72c0a33168c3.js?conditionId0=420398
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.193.220 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 07:24:24 GMT
x-amz-version-id: lv_hS.97AjBtOIuyD44UzrPRS0H4hmLB
Content-Encoding: gzip
x-amz-server-side-encryption: AES256
X-Cache-Status: HIT from 10.252.55.44
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
Last-Modified: Wed, 22 Feb 2023 07:14:11 GMT
Server: nginx
ETag: W/"2188c461c10d0e033aa0a9f0aa106d92"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=3600
Timing-Allow-Origin: *
Expires: Wed, 22 Feb 2023 08:24:24 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 43ms
42ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023021601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5c0015791c534b7f0aa496f1b772548e0d0f9ae03159344ddd21957e6a9e5fe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11212
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FD39 42 B
64 B 70ms
70ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHmUTTzA8k3-MNyrzx5cQn2SBBm-qVC9eBBsnLsvAaT8z2ymmVJaqIkeTF8mnxh8BehxA5aufimHbRHhszXdSGUJp11ML2x4SjhOK915kEhstrwT4EJ8D7HlBrOy6AI5B3aA_HqQ&sai=AMfl-YR2_MIbimLEZvmMBKKrm9JzB-7ZtOJwAQ-PDtlxgnUTC8lXA0Qh9KIxF37Vs51yU29Jt-ElvD1oZjf3B0_yCml4tvg96ryb3qAuDCw2jRNfNZybIw6c8PUv310&sig=Cg0ArKJSzDAHBqIj6p_OEAE&cid=CAQSOwDUE5ymnyxbp0FOfjH3tjlj3-UV1bk_mWNkBWiFb4ZbvYxxJPt1_7ZZB2W_T97zEA5ZxrrHlp_HP32IGAE&id=lidar2&mcvt=1000&p=874,1060,1474,1360&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230221&bin=7&avms=nio&bs=0,0&mc=0.54&if=1&vu=1&app=0&itpl=20&adk=2490083001&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677050662036&rpt=614&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023021601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 22 Feb 2023 07:24:23 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E025 13 KB
5 KB 30ms
29ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1217
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:04:06 GMT
expires: Thu, 22 Feb 2024 07:04:06 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F732 783 B
535 B 39ms
38ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6b78f89ae7c6a184ddf9d9b18fb429bfdc7fdae13ee36a1745aaa09c65495976

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7ana6zznQvIRIdRuKGOuVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-7ana6zznQvIRIdRuKGOuVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:23 GMT
expires: Wed, 22 Feb 2023 07:24:23 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H3 204 rv25mov Show response
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/ 0
13 B 99ms
38ms XHR
application/json 35.190.80.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gwiq-v3.globalwebindex.net/v2/gwiq/campaign/rv25mov
Requested by: Host: gwiqcdn.globalwebindex.net
URL: https://gwiqcdn.globalwebindex.net/gwiq/gwiq.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.80.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.80.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.elle.com
date: Wed, 22 Feb 2023 07:24:23 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: application/json

OPTIONS
H2 200 rv25mov
gwiq-v3.globalwebindex.net/v2/gwiq/campaign/ Frame 0
0 111ms
41ms Preflight 35.190.80.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gwiq-v3.globalwebindex.net/v2/gwiq/campaign/rv25mov
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.80.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 55.80.190.35.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.elle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.elle.com
access-control-max-age: 1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Wed, 22 Feb 2023 07:24:22 GMT
via: 1.1 google

GET
H2 200 simple Show response
api.sail-personalize.com/v1/personalize/ 288 B
497 B 123ms
123ms Fetch
application/json 75.2.40.13

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by: Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a9212566ae647cc00c2db3eb0729e87bba2c9fadbaef03ccb0feb568cd3465d

Request headers

x-lib-version: v1.0.1
accept-language: de-DE,de;q=0.9
authorization: Bearer f7ad9710f15fe4f3713640b5302c2fe9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: application/json
accept: application/json
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
x-referring-url: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:24 GMT
content-encoding: gzip
allowedorigins: *
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
allowedmethods: GET,OPTIONS
cache-control: no-store
access-control-allow-credentials: true
allowedheaders: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length: 196
expires: -1

OPTIONS
H2 200 simple
api.sail-personalize.com/v1/personalize/ Frame 0
0 378ms
123ms Preflight
text/plain 75.2.40.13

General

Check archive.org

Show headers Download Go to

Full URL: https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 75.2.40.13 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method: GET
Origin: https://www.elle.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods: OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin: https://www.elle.com
access-control-max-age: 1800
allow: HEAD,GET,OPTIONS
content-length: 18
content-type: text/plain
date: Wed, 22 Feb 2023 07:24:24 GMT

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/elle.com%2Ftw%2Fhearst/ 802 B
1 KB 988ms
273ms Script
text/javascript 15.164.137.101

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/elle.com%2Ftw%2Fhearst/prefs2?cached_uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

15.164.137.101 -, , ASN (),

Reverse DNS

Software

istio-envoy /

Resource Hash

1a1fee365a22616f76b0e77ddb1f7101957096d9af122425215b4a85eb878912

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-envoy-decorator-operation: reco-api-service-local.reco-api.svc.cluster.local:80/*
server: istio-envoy
etag: W/"322-OmL3a6g4/PGFoySuoAUVX4NdlGY"
content-type: text/javascript; charset=utf-8
x-envoy-upstream-service-time: 5

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/777017613/ 2 KB
1 KB 111ms
111ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/777017613/?random=1677050663876&cv=11&fst=1677050663876&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&tiba=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A&auid=1317722745.1677050664&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-777017613

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81a7b37e256bad19da56da3a4214c088ba99715b6a467e799ace73baf88abe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1015
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 690796760981964 Show response
connect.facebook.net/signals/config/ 383 KB
110 KB 51ms
51ms Script
application/x-javascript 2a03:2880:f042:110:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/690796760981964?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:110:face:b00c:0:3 Marseille, France, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

164f29a4f995a309c63d4e58df593807fb53f8f94e37c81077e7c397e49beec6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Wed, 22 Feb 2023 07:24:23 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 112067
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: nOKhf9aTX7/hSOK1hj+BPT2+fvst/orvttlyqXiP2aw52bFAI8ugd7vIpa2xzvxOijnQG08VvP0tW97MKaDF5w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 512678718
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F732 0
0 61ms
60ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023021601&jk=2962143703103404&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFA2 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9795246174593&version=m202301230201&ct=76&x=1&cor=5444874355269358000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js Show response
pagead2.googlesyndication.com/bg/ Frame E025 36 KB
14 KB 27ms
27ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ENhUjQ5Efr1LKcBlRSMtCxEMsPeXm4hb-JW7itjXrRA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Mon, 20 Feb 2023 07:30:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 172455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14306
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 20 Feb 2024 07:30:08 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FD39 0
20 B 61ms
61ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9497284706453&version=m202301230201&ct=76&x=1&cor=300243982080267700

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:23 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/777017613/ 42 B
64 B 47ms
46ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/777017613/?random=1677050663876&cv=11&fst=1677049200000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&tiba=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4020559349&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/777017613/ 42 B
154 B 69ms
68ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/777017613/?random=1677050663876&cv=11&fst=1677049200000&bg=ffffff&guid=ON&async=1&gtm=45be32f0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&tiba=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=4020559349&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:24 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E025 0
10 B 29ms
28ms Image
text/plain 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?e0L5_Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 111ms
29ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=690796760981964&ev=PageView&dl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&rl=&if=false&ts=1677050664094&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677050664093.1219942469&it=1677050663894&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Feb 2023 07:24:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 112ms
30ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=690796760981964&ev=ViewContent&dl=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&rl=&if=false&ts=1677050664095&cd[content_ids]=elletw.listicle.34664581&cd[content_name]=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D&cd[content_category]=%E5%A8%9B%E6%A8%82&cd[content_subcategory]=&cd[content_type]=News%2CEntertainment&cd[sessionCountViews]=&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.1.1677050664093.1219942469&it=1677050663894&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 22 Feb 2023 07:24:24 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8C08 0
20 B 60ms
60ms Ping
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6027541386228&version=m202301300101&ct=77&x=1&cor=13067021055030220000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 all.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/ Frame DCA4 69 KB
11 KB 98ms
37ms Stylesheet
text/css 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Requested by

Host: link.elle.com.tw
URL: https://link.elle.com.tw/join/5sy/signup-module

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.elle.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1086358
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10277
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-1137b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IjEF8vT%2Fw4IpxmMfQqjgHuiguAO7GQSTnWWJ6RsuNw3Vdv153GFGf0A7B1NFEI%2FIZBdV8XarSojD6BdxYkZgb%2F%2BUDNIDXIl3dUPQfzuxGUugQV1svLKapD%2BXvPbyOD%2FvXrkuR5cFRNIdu0iE%2Ff15YkjT"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d5fb5e1b07911f-FRA
expires: Mon, 12 Feb 2024 07:24:24 GMT

POST
H3 200 events Show response
api.permutive.com/v2.0/batch/ 201 B
159 B 39ms
38ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/batch/events?enrich=false&sdkp=true&k=26eac0c8-3713-4c4c-b681-5ca583930893
Requested by: Host: 0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
URL: https://0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app/5144d139-048e-4bfe-88e1-96d0a6523fc3-web.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 8c649bfc3b041b6cac73a4e5fa36cfe46b820cfe856ab20e47970b76b3b7450d

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
content-type: text/plain

Response headers

date: Wed, 22 Feb 2023 07:24:24 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.elle.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

POST
H2 200 / Show response
www.facebook.com/tr/ Frame A006 0
47 B 62ms
60ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.elle.com
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.elle.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Wed, 22 Feb 2023 07:24:24 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 68ms
65ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023021601&jk=2962143703103404&bg=!UlGlUQXNAAZYlHKzeJQ7ADkAdvg8WkJF6jbrGEEiGzQUQ-Qhqh7e3QGrRpk6eugUYoj1Zfk8SI24otrQVeEJXrkBRexHxY7o9FUCAAAAslIAAAAFaAEHCgAx-OUSY0te6k_eV_z7-OqaeD4KHU6G5P3V6ZJdyPzMxrxiyZclBazpk5X7zC49XmUOUpkCsm8s1cSwKDAxCadADlmd4LMN_AgpU-KpVg8wRTVDcJ7ZGm6SlmhFL5mINlQy8CVGbNhxPsnLBH0ATMdsYhAcessRfqf_knG1vZQJ7OXc0nTFPf95zkGQo0n9dAdytAsgFhF8Knq0iJSr8s-slQSk0QaGVhZ-5gjCxxdbmAytDAdJRoo_J1fFGnFs9DrWr7DQQwfW8RpaaOVAxTH6Tu3CXZEIGLkddki9jaBnaPQCAhoApywaMvI5hiMgwhZkB8dM195DlBtHujkFRrY1GOW01UeyFBoAZXze6mOh3E1JPNdE-4TjH9GNF7Fbsh5CwRPyW5AhhMCVA5wxdBM8kePbGwNG3-8yH_IiajQu4ODBDnMEQl67EwbPvPNSHbnzQGbV9dFJiNs5tadyKI2TrNRDK_7qck78jxcnzKyulT4sKSyGvpF-USyrxwH622KACMXhnrD_LQhYd5FFRjTL0nYJkVpNJM95VnLMZTIMt77NyhqY0OAwxdGi6Ix5Br5KbuZzxKqMRAwX7UBkevrYVS8YerRjLdHapzKJ-Gd8kN_4TxCw3yZvXnM0wVoiknvYvu1icjrUy2xp-6K9utWMY_R-2dtnJZy1Mfu-EOomvTPgDz9dy3JNjDfWRbsP-5AYxT3CpYrsdotSzFVh-UMmzFuuTlJEr7JqF4JJDIFbl8vu_vblm0gxbJgWjQjA9SJlzFkQ6s7Js5rOPPVE1T1VpTuerCCrLNUFuEeU6xJ5VDtMwC501w-FAwpLEMqXxGufoXEV6igpAvxd79bhWARJjc0vxYaNQTZWu6UaKPuCa6uRO9C-6AU6FikmA6Lf_aP-r0Hklsc0ucnlKDIB67ZbdoBeT8iefzB-d4Bh0JU3c4uYxZEUhHDXoAsCblpXvlz9fU-yAbtnlb9lVMTXK-v3_KIqkF4Zzg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

GET
H3 200 analytics.js Show response
www.google-analytics.com/ Frame DCA4 49 KB
20 KB 42ms
42ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: link.elle.com.tw
URL: https://link.elle.com.tw/join/5sy/signup-module

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://link.elle.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 07:12:06 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 738
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Wed, 22 Feb 2023 09:12:06 GMT

GET
DATA 200
OK truncated
/ Frame DCA4 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bfdfb1bdd2de6364488bf2a25a4daef34b02415229faba91d1a4fe3c3b57aa0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 NotoSansTC-Regular.woff2
fonts.gstatic.com/ea/notosanstc/v1/ Frame DCA4 2 MB
2 MB 31ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/ea/notosanstc/v1/NotoSansTC-Regular.woff2?8.87.0

Requested by

Host: link.elle.com.tw
URL: https://link.elle.com.tw/join/5sy/signup-module

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a884503e82e75e12747a73b1f79baebc9a0227a6f8c83137820df303f3cca842

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://link.elle.com.tw/
Origin: https://link.elle.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 16 Feb 2023 19:12:23 GMT
x-content-type-options: nosniff
age: 475921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1857952
x-xss-protection: 0
last-modified: Mon, 26 Oct 2015 23:53:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 16 Feb 2024 19:12:23 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/ Frame DCA4 74 KB
74 KB 69ms
34ms Font
application/octet-stream 2606:4700::6811:180e

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.11.2/css/all.css
Origin: https://link.elle.com.tw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 07:24:24 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1615520
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75336
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12648"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wkvuJ%2BgyqwWlwxuxk1a%2FHQY1AQ7nmMHnlZWadtHuQWjpuspsGNFwEy9Qkg%2B%2BghbkZ0wePTKuoV1HRwCor%2BE175JQUFQ15E3UU8%2FrmurVewedatgHxwgpquRkgwpj%2Ffw8GsB4K048tpZLbze8vDc6Ccs2"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79d5fb5eae836907-FRA
expires: Mon, 12 Feb 2024 07:24:24 GMT

GET
H2 200 view Show response
r-log.dable.io/s/elle.com%2Ftw%2Fhearst/u/00000000.0000000000000/ 54 B
198 B 861ms
274ms Script
text/javascript 52.78.32.47

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/elle.com%2Ftw%2Fhearst/u/00000000.0000000000000/view?url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&lang=en-US&items%5B0%5D%5Bid%5D=g34664581&items%5B0%5D%5Bc1%5D=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&items%5B0%5D%5Blink%5D=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&cid=00000000.0000000000000&gdpr=1&z=66199&callback=dbljson2

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.78.32.47 -, , ASN (),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:25 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H2 200 widget_request Show response
r-log.dable.io/s/elle.com%2Ftw%2Fhearst/u/00000000.0000000000000/ 54 B
199 B 855ms
269ms Script
text/javascript 52.78.32.47

General

Check archive.org

Show headers Download Go to

Full URL

https://r-log.dable.io/s/elle.com%2Ftw%2Fhearst/u/00000000.0000000000000/widget_request?url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&lang=en-US&widget_id=3o5R5gW7&source=g34664581&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&cid=00000000.0000000000000&gdpr=1&z=770121&callback=dbljson3

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

52.78.32.47 -, , ASN (),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 22 Feb 2023 07:24:25 GMT
x-content-type-options: nosniff
server: nginx/1.20.0
content-length: 54
content-type: text/javascript; charset=utf-8

GET
H2 200 00000000.0000000000000 Show response
api.dable.io/widgets/id/3o5R5gW7/users/ Frame B59B 17 KB
5 KB 455ms
454ms Document
text/html 15.164.137.101

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 15.164.137.101 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e562693b9972e008fd274cb48216b5d229ecc6a821eff95c2a7c6f88c38b5c0b

Request headers

Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 22 Feb 2023 07:24:25 GMT
server: istio-envoy
x-envoy-decorator-operation: reco-api-service-local.reco-api.svc.cluster.local:80/*
x-envoy-upstream-service-time: 186

GET match
analytics.ad.daum.net/ 0
0

GET
H3 200 pixel
cm.g.doubleclick.net/ 170 B
188 B 45ms
43ms Image
image/png 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=dable&google_cm

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 07:24:24 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET idsync
idsync.admixer.co.kr/ 0
0

GET
H/1.1 204
No Content pixel
cm-exchange.toast.com/ 0
609 B 854ms
280ms Image
text/plain 103.243.202.190

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-exchange.toast.com/pixel?cm_mid=1440080439&cm_muid=00000000.0000000000000&toast_push
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 103.243.202.190 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Wed, 22 Feb 2023 07:24:25 GMT
Server: nginx
Connection: close
P3P: CP="NON DSP LAW CURa ADMa DEVa OUR BUS IND COM NAV INT"

GET
H/1.1 200
OK swipe.min.css
static.dable.io/static/b/infinite-swipe/dist/ Frame B59B 830 B
852 B 29ms
28ms Stylesheet
text/css 184.24.177.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/static/b/infinite-swipe/dist/swipe.min.css
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.177.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-177-89.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: df4cd6f3b2e248d442621dc6ce284302b126f9af816cab8b60281725200d5190

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: sqefXKKZut4R2qR5lqBr0nSjDUJXu83C
Content-Encoding: gzip
Date: Wed, 22 Feb 2023 07:24:25 GMT
Last-Modified: Sun, 10 Apr 2022 22:35:09 GMT
Server: nginx/1.20.0
x-amz-request-id: RMZVP03MXEJVME7J
ETag: "9b3834ee614ba231efec8c8aafe8b092"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=864000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 316
x-amz-id-2: xg1Wc+shRdi0n+CcxCgjKvVWPJhjduRxbQjuZVsngpz1agqPPkbJuFstSXB8qNfpiJn9sUBQ5ug=

GET
H/1.1 200
OK widget.v2.min.css
static.dable.io/dist/ Frame B59B 13 KB
4 KB 59ms
29ms Stylesheet
text/css 184.24.177.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.v2.min.css?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.177.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-177-89.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 54d5ca2deaf3600b45019528ab16c55f1cd9b9e3004ecaba18677bfe6b6289a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 6FBBuaiDKrH5efTNMdq8xs1LqDTc7B6d
Content-Encoding: gzip
Date: Wed, 22 Feb 2023 07:24:25 GMT
Last-Modified: Wed, 08 Feb 2023 01:49:35 GMT
Server: nginx/1.20.0
x-amz-request-id: 2YKM8CM3257VZ3QP
ETag: "7695e65698c3938723e0aa694df0cc94"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3343
x-amz-id-2: 3lAOwMpOqsKUplXAq3qu12XlD/wd4PNI6Q4pBMVbAOq5gpbFp9+1NYnIBXZNmYFCa0W3RVT/8kI=

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame B59B 95 KB
34 KB 99ms
29ms Script
text/javascript 2a00:1450:4001:82a::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 18 Feb 2023 08:03:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 343233
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Feb 2024 08:03:52 GMT

GET
H/1.1 200
OK widget.min.js Show response
static.dable.io/dist/ Frame B59B 54 KB
17 KB 84ms
31ms Script
application/javascript 184.24.177.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/widget.min.js?
Requested by: Host: api.dable.io
URL: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.177.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-177-89.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 1d227381cc00789fb7e50d843d72739278f1c7ab9ccad17c6759023b58d208ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/widgets/id/3o5R5gW7/users/00000000.0000000000000?from=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=elle.com%2Ftw%2Fhearst&gdpr=1&service_id=13606&service_type=magazine&country=TW&client_id=1744&randomStr=34b2d786-5dfe-4f72-bf41-184569159102&id=dablewidget_3o5R5gW7&category1=%E8%BF%BD%E5%8A%87%E8%BF%BD%E9%9B%BB%E5%BD%B1&ad_params=%7B%7D&item_id=g34664581&item_pub_date=2020-12-09T17%3A14%3A00Z&pixel_ratio=1&client_width=739&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: HyDdA3uSq1yQVqtvahu.eekczSd4xDBv
Content-Encoding: gzip
Date: Wed, 22 Feb 2023 07:24:25 GMT
Last-Modified: Mon, 20 Feb 2023 07:12:48 GMT
Server: nginx/1.20.0
x-amz-request-id: 2BKRTX70XSZJ7Y7T
ETag: "6696d4cc21069b486dbb74a589998a1b"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: public, max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17194
x-amz-id-2: l3ArMgBYgckr82SNJo/XLSDMQ8yxF2GSYW1MhEeUhZpUai7qxXBKcs25m/EcLZKhPxYxSqAe6G4=

GET
H/1.1 200
OK logo-text-tiny-gray.png
images.dable.io/static/i/ Frame B59B 661 B
1 KB 265ms
28ms Image
image/png 184.24.177.89
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.dable.io/static/i/logo-text-tiny-gray.png
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/widget.v2.min.css?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.24.177.89 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-24-177-89.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://static.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: null
Date: Wed, 22 Feb 2023 07:24:25 GMT
x-amz-request-id: 0XT9QRFAEEQC9089
Connection: keep-alive
Content-Length: 661
x-amz-id-2: GgfI/NBKrM63TPVbXdg/v/iZD2mPRXV/H02zMUgmSiiLLFAcSQ9FpFp2gtp4nvbp5vH/f6sNq4U=
Last-Modified: Mon, 24 Aug 2020 02:55:47 GMT
Server: nginx/1.20.0
ETag: "2260fca7dca92761058aace21a176daa"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=864000
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET impression
r-log.dable.io/s/elle.com%2Ftw%2Fhearst/u/00000000.0000000000000/ Frame B59B 0
0

GET request
ad-log.dable.io/services/elle.com%2Ftw%2Fhearst/users/00000000.0000000000000/campaigns/Z8wpvjQqgi3v/contents/XQkDj4Jv5I77/ Frame B59B 0
0

GET request
ad-log.dable.io/services/elle.com%2Ftw%2Fhearst/users/00000000.0000000000000/campaigns/Z8wpvjQqgi3v/contents/jYORzE8M6ux/ Frame B59B 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: certify.alexametrics.com
URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D&time=1677050657273&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&random_number=21135494885&sess_cookie=fa06ba69186780239f8346a59db&sess_cookie_flag=1&user_cookie=fa06ba69186780239f8346a59db&user_cookie_flag=1&dynamic=true&domain=elle.com&account=4JZUh1aon8002P&jsv=20130128&user_lang=en-US

Domain: cdn.euw1.jivox.com
URL: https://cdn.euw1.jivox.com/files/72839/Template2_FinalVersion_DE_V3/970x250/Frame1/2021_CX-60_GER_LHD_C122_EXT_FQ_White_High_Japanese_Premium_WhiteLeather_Home_till20240131.jpg

Domain: analytics.ad.daum.net
URL: https://analytics.ad.daum.net/match?d=111&uid=00000000.0000000000000

Domain: idsync.admixer.co.kr
URL: https://idsync.admixer.co.kr/idsync?pid=120&uid=00000000.0000000000000

Domain: r-log.dable.io
URL: https://r-log.dable.io/s/elle.com%2Ftw%2Fhearst/u/00000000.0000000000000/impression?source=g34664581&pick=&rm=170.2.1&cm=0.0.0&channel=text_3x1.group1_logo&reco_type=backup-recent&cid=00000000.0000000000000&widget_id=3o5R5gW7&request_id=668720863200061a&reco_list_lz=NobwRAlgJmBcYEMBMBGAzATgCxKwDjABowBbAUwBcALAexnhQHYAGAOiVZTAF9Dxo4iVMyQBWJADYJRUpVr0wTNhy69%2BC5ClwTmo0TPLU6gpe048%2BkDcLFJGSA3OMMWZ1ZYHxNzPM2ZpmRyMFUxULdUFkZgwUFDwdIPkTVzC1K0jUUSxRLWliQySXZXM0zyEtLOw82WDk4tUAXSA&gdpr=1&lazyload=0&uri=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&is_gif=1

Domain: ad-log.dable.io
URL: https://ad-log.dable.io/services/elle.com%2Ftw%2Fhearst/users/00000000.0000000000000/campaigns/Z8wpvjQqgi3v/contents/XQkDj4Jv5I77/request?q=N4IghgJglhIFwhAGhDAZmeiUFMAeADlAE46wIDqZABAGI4BG1ATMywAzMDM17A7HGYAWQQFZqAcQCyAFQDU7Re2oAKAMIB7DcWgA7MABcaAVV1QAbjmIBnMABtqMqAFscASmQhiBhgH0AxgT%2BWACMAHTMnlBGzgGGWIC-8YDhSgmA32mAjvqeBGAA5jjwISjEYLoA1vDsRTgAjgCuONYGvjBYAGytABx8zOwdrVw9iq0hmCgMML6k1gQautY4zeQg4xCTDTj%2BDK0EOCHVdjho-roAnngAVp7WGrXE-vkIOVxC7UKiHSGeBhoG9r7ZeXgzBQtygWAAFgYDARrHAAPRwgDuyLCODsBzC-g0zjhBkRcJwuiM3jAUF0riJcIgxWcYDhTxerTeHzhpWpYFpAFoDMR6pyGDgwLUDCc4Z5avNiL47CUclhCZ5ETA8k0WgguBpRAAlUQ5Ch8Tz%2BcElXRorBGPBNLh4cI5Yg3AghaUaHIaTyuAzgjRLIRhLhhT4oXQaOwuiooX45NUgDXa3X6gDEgdQuksRO0J0WoS4rXYrQAPrGdXqDShrKGDAUy1AAF4PYHLCYEYhQe4FcJ8XodLh8bsAThCwi4fdaY29mYOuhynvgQnYokqIAg018Hq9q0sNigs1CYXYe88KwCt2IWAA0lqKFFnAQswhk-hK3BQMQ196sL7-cmgjzfCsKnuohCHwfAAL4oFA1i%2BFGaBViAOQQM2cH%2BNGShofu6GYYongyjWJyhpAFSgUAA&bid_id=bididecb6pe1qlefcnyy6&ad_id=bid_itemecb6pe1qlefcnyy4&win_price=11.708837839124396&win_currency=KRW&is_gif=1

Domain: ad-log.dable.io
URL: https://ad-log.dable.io/services/elle.com%2Ftw%2Fhearst/users/00000000.0000000000000/campaigns/Z8wpvjQqgi3v/contents/jYORzE8M6ux/request?q=N4IghgJglhIFwhAGhDAZmeiUFMAeADlAE46wIDqZABAGI4BG1ATMywAzMDM17A7HGYAWQQFZqAcQCyAFQDU7Re2oAKAMIB7DcWgA7MABcaAVV1QAbjmIBnMABtqMqAFscASmQhiBhgH0AxgT%2BWACMAHTMnlBGzgGGWIC-8YDhSgmA32mAjvqeBGAA5jjwISjEYLoA1gVFOACOAK441ga%2BMFgAbC0AHHzM7O0tXN2KLSGYKAwwvqTWBBq61jhN5CBjEBP1OP4MLQQ4IVV2OGj%2BugCeeABWntYaNcT%2B%2BQg5XEJtQqLtIZ4GGgb2vtl58GYKBuUCwAAsDAYCNY4AB6WEAdyRYRwdn2YX8GmcsIMCNhOF0Rm8YCgulchNhEGKzjAsMezxar3esNKVLANIAtAZiHUOQwcGAagZjrDPDU5sRfHYSjksATPAiYHlGs0EFwNKIAEqiHIUPiefxgkq6VFYIx4RpcPDhHLEa4EEJSjQ5DSeVwGMEaRZCMJcMIfFC6DR2Z3wdgoH45VUgdVanV6gDEAdQukshO0xwWoS4LXYLQAPrHtbr9ShrCGDICy1AAF73IFLcYEYhQO7wH0hZidoRCJ6iUR9UQhISjL2Z-a6HIe9vsUThkAQKa%2Bd2elaWGxQGahMLsHeeZYBG7ELAAaU1FCizgIWYQkVwFvgoGIK69WB9fuTQW5vmWYZ3IQATmYdoAF8UCgaxfCjNAKhAHIIGbWD-GjJRUN3NCMMUTxpRrY4Q0gMMQKAA&bid_id=bididecb6pe1qlefcnyy6&ad_id=bid_itemecb6pe1qlefcnyy5&win_price=4.121244345563514&win_currency=KRW&is_gif=1

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.elle.com/	1969-12-31 23:59:59	Name: location_data Value: {"country_code":"DE","postal_code":"99084"}
www.elle.com/	1970-01-20 09:50:52	Name: ga_lp Value: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/
www.elle.com/	1970-01-20 09:50:52	Name: gpt_session_ab Value: s1
www.elle.com/	1970-01-20 09:50:52	Name: gpt_origref Value:
.elle.com/	1970-01-20 14:11:29	Name: permutive-id Value: 44f78248-eebf-4013-98bf-5334eeb3174f
www.elle.com/	1970-01-20 10:34:02	Name: _pbjs_userid_consent_data Value: 3524755945110770
.0272ac85-5199-4024-a555-397c3d825d95.prmutv.co/	1970-01-20 11:59:00	Name: pxid Value: dcce8798-f8e3-4b26-a3fd-e3c118d75650
.elle.com/	1970-01-20 09:52:17	Name: _gid Value: GA1.2.833762886.1677050657
.elle.com/	1970-01-20 09:50:52	Name: __asc Value: fa06ba69186780239f8346a59db
.elle.com/	1970-01-20 18:37:53	Name: __auc Value: fa06ba69186780239f8346a59db
.www.elle.com/	1970-01-20 19:26:50	Name: __lt__cid Value: 9ec20861-f9b7-4394-b8ba-e9b6d3e0080f
.www.elle.com/	1970-01-20 09:50:52	Name: __lt__sid Value: f51e57bc-b6734025
.doubleclick.net/	1970-01-20 19:12:26	Name: IDE Value: AHWqTUlFthn2l2wQeEF-fCz3trGPKjm-bi8mnh16XkAeqdxBEdwgghRilH_REHaSkfo
.elle.com/	1970-01-20 18:36:26	Name: _qg_fts Value: 1677050657
.elle.com/	1970-01-20 18:36:26	Name: QGUserId Value: 2838082731687119
.elle.com/	1970-01-20 09:50:54	Name: _qg_pushrequest Value: true
.line.me/	1970-01-20 19:26:50	Name: _ldbrbid Value: tr__k1y/XGP1wyKBidlO9txqAg==
.elle.com/	1970-01-20 09:50:50	Name: _gat_gtag_UA_4080264_1 Value: 1
.elle.com/	1970-01-20 19:26:50	Name: _ga Value: GA1.1.883034114.1677050657
.c.appier.net/	1970-01-20 18:36:26	Name: _auid Value: TCjRpLBEDeC-tQ2uIsP1Yw
www.elle.com/	1970-01-20 09:50:54	Name: _lr_retry_request Value: true
www.elle.com/	1970-01-20 10:34:02	Name: _lr_env_src_ats Value: false
www.elle.com/	1970-01-20 11:17:14	Name: pbjs-unifiedid Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-02-22T07%3A24%3A20%22%7D
.c.appier.net/	1970-01-20 19:26:50	Name: QGUserId Value: 2838082731687119
.elle.com/	1970-01-20 10:11:00	Name: _qg_cm Value: 2
.elle.com/	1970-01-20 19:12:26	Name: __gads Value: ID=6a42cab34679a9ea:T=1677050661:S=ALNI_Maq80Kz31qwi-0ptTKHiFNm0H6sjQ
.elle.com/	1970-01-20 19:12:26	Name: __gpi Value: UID=00000bba43bbc749:T=1677050661:RT=1677050661:S=ALNI_MbLXWeQISZnU-gYf4UGys9KnuGJyA
.elle.com/	1970-01-20 19:26:50	Name: _ga_BTTN4BQHSS Value: GS1.1.1677050658.1.0.1677050662.0.0.0
.elle.com/	1970-01-20 19:26:50	Name: _ga_CNQJNVX68C Value: GS1.1.1677050658.1.0.1677050662.0.0.0
.doubleclick.net/	1970-01-20 09:50:54	Name: DSID Value: NO_DATA
.jivox.com/	1970-01-20 12:00:26	Name: jvxsync Value: twzHFB68DWb6
.adnxs.com/	1970-01-20 12:00:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E>xFEN#]!@wnfH8K6pQK`!5=E<L5?%LW1d!TY2au0s6<Kxhch]0Fb`K!8AGB>iu'eH>%nugO%v4VB%nn1?.bJh
.casalemedia.com/	1970-01-20 18:36:26	Name: CMID Value: Y-XDJhRmDMhMo.vqIj7ozAAA
.casalemedia.com/	1970-01-20 12:00:26	Name: CMPS Value: 5211
.casalemedia.com/	1970-01-20 12:00:26	Name: CMPRO Value: 5211
.adnxs.com/	1970-01-20 12:00:26	Name: uuid2 Value: 908537526617288014
.lijit.com/	1970-01-20 18:36:26	Name: ljt_reader Value: GMq8pGZHyjymlCeZRXKJa3-p
.media.net/	1970-01-20 10:11:00	Name: data-g Value: CAESEJemTKDtkWI9weNoIOlt4Zs~~3
.adform.net/	1970-01-20 10:31:09	Name: C Value: 1
.media.net/	1970-01-20 18:36:26	Name: visitor-id Value: 3200522627631198000V10
.bidswitch.net/	1970-01-20 18:36:26	Name: tuuid Value: e6aa4e0f-173b-4b96-aa3b-7e9dee7ae870
.bidswitch.net/	1970-01-20 18:36:26	Name: c Value: 1677050662
.bidswitch.net/	1970-01-20 18:36:26	Name: tuuid_lu Value: 1677050662
.everesttech.net/	1970-01-20 18:36:26	Name: everest_g_v2 Value: g_surferid~Y-XDJgAAATbZsAAF
.analytics.yahoo.com/	1970-01-20 18:36:26	Name: IDSYNC Value: 18yx~2a4v
.bidswitch.net/	1970-01-20 09:50:50	Name: google_push Value: Aa02lx9tI-cBtpEe8JzrLNPIHGku69dlOGFvxbmbYW_2Q7AmiIAbtg3fXiIfZrHY_mw9WE_S6P2dl3eQmicssw5XyhxIkMrkCuwGhw
.adform.net/	1970-01-20 11:17:14	Name: uid Value: 5402721661496531350
.mathtag.com/	1970-01-20 10:34:02	Name: mt_mop Value: 4:1677050663
.mathtag.com/	1970-01-20 19:16:45	Name: uuid Value: a49e63f5-c327-4f00-aadc-2b40caf64f4c
.yahoo.com/	1970-01-20 18:36:48	Name: A3 Value: d=AQABBCfD9WMCEP2-9oO2CmtWfIssEKUA1osFEgEBAQEU92P_YwAAAAAA_eMAAA&S=AQAAArecxPLWM3SCbs_ONFv732M
.zemanta.com/	1970-01-20 18:36:26	Name: zuid Value: 1jxu8pqkcXvsRFAjEtnO
www.elle.com/	1970-01-20 09:51:01	Name: reporting_show_view_seq_num_58e55a2f-0ca3-49a9-b5b1-1a31ff2a9016 Value: 2
www.elle.com/	1970-01-20 09:50:52	Name: sailthru_pageviews Value: 1
.elle.com/	1970-01-20 12:00:26	Name: _gcl_au Value: 1.1.1317722745.1677050664
.globalwebindex.net/	1970-01-20 18:36:00	Name: GWIQ Value: ver=3&gwid=63b01c08-41c1-4367-986a-9b33882b852f

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E9%9F%93%E5%8A%87%E3%80%8A%E5%A5%B3%E7%A5%9E%E9%99%8D%E8%87%A8%E3%80%8B%E8%BB%8A%E9%8A%80%E5%84%AA%E3%80%81%E6%96%87%E4%BD%B3%E7%85%90%E3%80%81%E9%BB%83%E4%BB%81%E7%87%81%E8%A7%92%E8%89%B2%E8%A7%A3%E6%9E%90%EF%BC%81%E7%B6%B2%E5%8F%8B%E7%8B%82%E8%AE%9A%E3%80%8C100%25%E7%A5%9E%E9%82%84%E5%8E%9F%E6%BC%AB%E7%95%AB%E3%80%8D&time=1677050657273&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.elle.com%2Ftw%2Fentertainment%2Fdrama%2Fg34664581%2Fkdrama-true-beauty%2F&random_number=21135494885&sess_cookie=fa06ba69186780239f8346a59db&sess_cookie_flag=1&user_cookie=fa06ba69186780239f8346a59db&user_cookie_flag=1&dynamic=true&domain=elle.com&account=4JZUh1aon8002P&jsv=20130128&user_lang=en-US Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
other	error	URL: https://www.elle.com/tw/entertainment/drama/g34664581/kdrama-true-beauty/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
network	error	URL: https://api.rlcdn.com/api/identity/envelope?pid=13603 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self';
Strict-Transport-Security	max-age=31557600; includeSubDomains
X-Frame-Options	sameorigin

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0272ac85-5199-4024-a555-397c3d825d95.edge.permutive.app
0272ac85-5199-4024-a555-397c3d825d95.prmutv.co
824e4598d66ec61cc075b4eebf4a8592.safeframe.googlesyndication.com
a.teads.tv
ad-log.dable.io
ade.googlesyndication.com
adservice.google.com
adservice.google.de
aiqua-sdk.c.appier.net
aiqua-user.c.appier.net
ajax.googleapis.com
ak.sail-horizon.com
analytics.ad.daum.net
ap.lijit.com
api.dable.io
api.giosg.com
api.permutive.com
api.popin.cc
api.quantumgraph.com
api.rlcdn.com
api.sail-personalize.com
as.euw1.jivox.com
assets.euw1.jivox.com
assets.hearstapps.com
b1sync.zemanta.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.euw1.jivox.com
cdn.giosgusercontent.com
cdn.permutive.com
cdn.qgr.ph
cdn.qgraph.io
cdn.shopify.com
cdnjs.cloudflare.com
certify-js.alexametrics.com
certify.alexametrics.com
cm-exchange.toast.com
cm.g.doubleclick.net
code.createjs.com
connect.facebook.net
cs.media.net
cstudio.aiqua.in
d.line-scdn.net
dsum-sec.casalemedia.com
evs.euw1.jivox.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlesync.permutive.com
gwiq-v3.globalwebindex.net
gwiqcdn.globalwebindex.net
hearst.gscontxt.net
hips.hearstapps.com
ib.adnxs.com
idsync.admixer.co.kr
images.dable.io
link.elle.com.tw
match.adsrvr.org
nexus.ensighten.com
pagead2.googlesyndication.com
playercdn.jivox.com
pr-bh.ybp.yahoo.com
r-log.dable.io
r1---sn-4g5e6ns6.c.2mdn.net
r5---sn-4g5e6nzs.c.2mdn.net
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
region1.google-analytics.com
rtb.openx.net
s.ad.smaato.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
static-assets.hearstapps.com
static.dable.io
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tr.line.me
ups.analytics.yahoo.com
www.elle.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
ad-log.dable.io
analytics.ad.daum.net
cdn.euw1.jivox.com
certify.alexametrics.com
idsync.admixer.co.kr
r-log.dable.io
103.243.202.190
104.111.217.83
104.18.24.185
104.19.150.54
108.138.5.230
119.63.193.220
13.227.219.83
13.228.49.89
13.229.1.241
13.32.99.43
142.251.208.130
147.92.191.92
15.164.137.101
15.197.193.217
150.136.29.250
151.101.194.49
151.101.64.155
172.104.70.67
172.217.16.130
172.217.18.2
178.63.219.113
18.173.5.79
18.196.120.245
18.66.112.84
184.24.177.89
185.29.134.244
185.80.39.216
185.86.139.103
185.89.211.116
2.18.232.7
2001:4860:4802:34::36
216.52.2.91
23.203.124.21
23.227.60.200
23.35.209.30
2600:9000:2204:de00:1b:5138:8a40:93a1
2600:9000:2250:b600:9:f3c8:9b00:93a1
2600:9000:2251:b000:5:2377:b1c0:93a1
2606:4700::6811:180e
2606:4700::6812:af
2a00:1450:4001:4c::a
2a00:1450:4001:60::6
2a00:1450:4001:806::2001
2a00:1450:4001:806::200e
2a00:1450:4001:809::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200a
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9d
2a00:1450:400d:803::200e
2a00:1450:400d:806::2003
2a00:1450:400d:806::2008
2a00:1450:400d:80e::2001
2a02:26f0:3500:11::215:14cb
2a03:2880:f042:110:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3605:6b2a:5cae:833b:4670
3.126.56.137
3.136.241.121
3.226.166.212
34.107.254.252
34.120.133.55
35.190.80.55
35.201.93.216
35.227.252.103
35.241.9.51
37.157.6.241
52.222.139.45
52.222.209.55
52.78.32.47
54.251.155.116
54.75.204.73
54.77.206.57
64.74.236.223
65.9.66.24
65.9.86.82
75.2.40.13
01442b7b416e05e74115d43435d53dc701174c3f51cfc5cd1c1b5df00b9d5937
01e987e62ee6ab29488066902cc5abc517d83cdfe87eefd7b061bf81129d782e
021af807a11798ecd298f72f9b4d9684d5c999092b53250a87ef8c3cd34be174
052f8bcc04af714065ffef33a7d5359843f7b3e240dee7a851b3d00e79dae0d8
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0a35ed9349ac55a582ca22d6ad44ca745ba8e0a4e028574531cc230b089cca79
0b558d4ee57424d16a594b12b2058000366e90eb3bd33fb5c60d98796267fa3d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d4f883e599715941cba313983967950cf2f62b74b2bac9e682be38c286f9adf
0d72f94d87d29899009b8359c4c51ec52eafbd8b0e4830248d6f4344666d9629
0ea8bfd1bba2a3be9f8dbff13247a4e98fc7f15ee88bc238ca09a9faa6013b0f
0ea92c04c03d7da0e4608664dfb06b8bcf85ac91e2f58a8b984620247f447cca
0f9b028b30956a3b91b5208462a20c5258fe8282a5968a15fe2895497948cad5
0fd37a3df770e40d2d5f2671539dff5aa57315db53de1055e36588b82a91af9f
10c2003a22cf790d579103d1e6c8cc6e8aa228ec4d48f62ac4bdbc4ecfca1be6
10d8548d0e447ebd4b29c06545232d0b110cb0f7979b885bf895bb8ad8d7ad10
11812e716ef6c2a63895c62cf7585bb36c95fa9a415f5e248a563ee4f6331493
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1316a931f2c4f295f5c04965db58fb7afa4a82949b359b51af85d84cc8614909
139c36234c15d74808b6156ef8e3d533a4a2dfd4ea6447428091ad4b6916b8da
1574202535e3a1824e978aa64aa1583edc9f65ae1f63949d02136ab251cbe490
164f29a4f995a309c63d4e58df593807fb53f8f94e37c81077e7c397e49beec6
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
1925b08f648040b392898dbf6c194f9c39c1ff4dba096f59e8c711c384602bf7
1a1fee365a22616f76b0e77ddb1f7101957096d9af122425215b4a85eb878912
1b8e290b30ead72bb60fa0f9be142be299e2251e5d7b8063e9e93efa6cdc5482
1b99c20cade8fb923e13e6856fa79a7281349678f6cbd6d02600c1557aebda05
1bfdfb1bdd2de6364488bf2a25a4daef34b02415229faba91d1a4fe3c3b57aa0
1d100aff97db2949ce14423c859dfd0e5c6156d0c3398d3558846c0c4507f25c
1d227381cc00789fb7e50d843d72739278f1c7ab9ccad17c6759023b58d208ec
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1d986ce189291207358a7d6a742dc1a195412ef31296c0f5435cd123844bb97a
1f12d09bdc591e6a2347b198df39587f5f4d4466d9d70d862f837e3ee0316510
21e59cdee15a53329b86a08df86c67da51cf83b8ecf46bd1394efb2c611ef40d
2279582dc2bd85f3279b4d29272558719cacf776e08120aa98a02fb2ef5a44f6
23aa1fc46d3b9ceff5b2455f8ef736c7fc2665f165b19d6aaa198ba32efd2ed6
27971d743a7c8a246a7a0bdd148f4c49e78c71f8622d8081c10facb218f9af5b
2864a519253ffea0e4d737579b2e34916a380c27b623d45c156ded57c8b72abf
2d26878737b845fd929ea49c019a213a718c02a3ac759b1b388f324ddb3e8a59
2d93b3a9f4cfcfa52934e6ab74c5dec4c337976bc4ae137da6f9120b7d07acc6
3156dc4bd0692fbc0d2a10552f02022d49906cefd3bc256ab9f34a95a6a928c3
31629ed146a31974ef1e3702293fc6707362949b8e040e8734f1bc2dc20bcad1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b43ecb4e56f75010f9f5aa8f503692926e898f70de76b95d1bc084a5c444b4
33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc
3404c3685d4329cac25eef1f9f68368817b06504f395d6012fc5673437709758
3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac
425881cf2e16e035012aec8f5c63c0cbc36af40ddf6de6a88ae3030722c48a30
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46ae94e86d87a15c198fa602c598b20055462140a565cddcc465e65784ece262
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
48afa46ac9db406546fea2a79506797a34e55fd10efdb64a18b531a568e95170
48cea39a6d9f368a9d78b07ddca02043a884d1e871b5b39267d4ab6d245753cf
49d5d030d72afc4fdebebb63b724b8790f0dcbc233429e944d4515bab4ff1d33
49e1f995ac34c0fc8444f3c369ff54049926e2dd9dd53b0a9eb4c50046d968be
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bd53de97fd6b376abb0a07be1e0d853eff84b80fef23f6a3b9127c349166b0e
4ca77bf7110b17e2a82dd563e65a3e3c210cf0d48a60ce12625300aa672c7639
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
53b65b69e6d5f663f1c13d2c4ebce6a6d2a2add77644661deeadd5120c8c8502
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54d5ca2deaf3600b45019528ab16c55f1cd9b9e3004ecaba18677bfe6b6289a6
5577fdfc26f7e867f280b1a7471d8b0e30ead2f3e6b3dbc6cc25c931027a8128
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5b7c8e710580b7aa5813cd0737a74ba2fd38cb5a989df4218040ea92c68bbe9b
5c0015791c534b7f0aa496f1b772548e0d0f9ae03159344ddd21957e6a9e5fe7
5e46f8e70f7f10c7b7ec395dbc0882a56585754c10d8dc67663b9e92792ee030
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5e7deee61814b005aa4a2033f26facbaef7606d78bb39115b0c7641cabce43ae
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
617d796e04c0e946dd3bdde1919a15d2ed919ce81b91296ccb8933b7f459c473
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61da64dc2b93e63c044441f7a92d90a4c651fa5ece0fb764181c23311c60e273
61e53f48fe122b277362f702f253d83bdc3fbc1e3f1c1bc8d0635256a8a6a45d
63f45fba9ccad5a943b7be5046f47423f98ff6a6b0892046c3848fc430e56d63
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66ae8a9ebcfa6082e3084553611214ee1fac8141fdeb2886cfd1d24ece044a8f
6908a17080533cc597c4b17bd876ce02ba3c2aeaec4bb9763571dd31b98162c0
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6aa7c3edbc1ee1fe66d4db0fea18aa2d0bbe0dfae05d228c9ffeeaeacb6f1c53
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b78f89ae7c6a184ddf9d9b18fb429bfdc7fdae13ee36a1745aaa09c65495976
6b9678dbe5f50b70f5aebe2a43346636fc5c4768c48625f90523cd0eadd174c0
6c0c9214b79263152f74210ded53cbbbf45b8b47336e4f677c660037932aa5dd
6fd3f1555612c51f3761e0b6d8ac1f6bcd029c30193d9ef9322c1989666bfd54
74c84b791ab1725dbd61a7afea4d7c358aadcaaf94dc476bfca3ccedc36395a5
75b2413a95695d01014489f6e958ef41b0cf5f5b0549d9c6402989b0d66ae430
76294c41ef0f428cdb85913d7887e2f4dad6e04a2a59d9a59cf3545345df5de2
77c01782662a013a12854fb986af14d59288243bc8dc37e032b2bceacb970437
77e87d75903086d846f3d99ec6fa0fb57103bf291a3b64694d7fb092479128f8
78b8b9c06e8648b397191402eb4ca35c9a83400e71f2338c84f2ef1393ef32cf
798023dd5f7cbd4a17ca819f8fb1e31de67829edfca4b7acca04dfca6d898f41
79c5ff3bba77ab9e97397805206f41b76ff73fa9e49819356e6749c294eb3a11
7c0eca8614d1e0a89e50f4290f8b4104e4fdbc08d3368c63fa6b44f01e001102
7c1076beb52357c5dc33be81b6a83af02ce25fda3637ab1c3fd0c5f965a890e4
7c8180ea529ed557ceec9d3a523945ffcf6791d48859e4f036253f994c54a86a
7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4
7ec9b0ec1b969b0062f1f907368d9a55a7ab31c85bdea77f495d0733490bdb99
7f590295690d4df112dd4b4feaa1569bd723f4868e58d89b5cdd5e5f3f3e9087
7fa067db4359794557a35e34c1aafccab1ccd67683d29309fb42105f77cb4517
81a7b37e256bad19da56da3a4214c088ba99715b6a467e799ace73baf88abe7d
82e09424d0728b4a8fe385beeead94931ada1671102034aa0b601130fc3ab360
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86bf0847d6f3769f9691d7daf528513c44e0403b309972af721c77d175cd726c
895f72c77833ea0184bccbe5cfa597b9493bcc2e7feef12976aa270f06d88d8b
8a659e4a5fc20d29de2005e69cc87d5577e13c67712b911124f7fd0452ea9ae5
8b73a89e126c16a756076a7dd374dc129d61c4a0b860a3280236ae3cf8a9bef5
8c509dc9b9b6783d948fa18e618b59ae8cc594740d22a50772f84545c9a0c15e
8c649bfc3b041b6cac73a4e5fa36cfe46b820cfe856ab20e47970b76b3b7450d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
93cfb830fed3ded32de50bfaf8e1d6ce9cd75e14f06cb8554fffe77aec7897c2
9614887cbf9d1312619bcd3b6feeddd905c3150508a69a967ebc44be900b344c
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97fb7cddeac119e0dd7a4fefd55c9011ce2a32be9c43b18b397484499274a12b
9a9212566ae647cc00c2db3eb0729e87bba2c9fadbaef03ccb0feb568cd3465d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ca0de9dc943e53d768af9404952e9efae3d6d21757461a64ad9c6b5c7807577
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aa346dac13c493191e89831298a8b64a39f39a5197db5bb933ccce021ba507
a2a312366d18edca2c0b52242426d2d4bbc933707d663d93abad85e37307711f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a54684c60fff38019ec33d45ef6038ea34fb5f48593c72bd272c5687cc50f740
a72eb475656e82d8e4faa35719d044aa7e1a93c5852c21d57c51a67e5da1f930
a884503e82e75e12747a73b1f79baebc9a0227a6f8c83137820df303f3cca842
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
ab6c6bf63431e97d327735811fe3b66346e5bce1e8a8074d0ebd077d657366a4
acc7ee71c8fe91fc977afc562969871a639f666ccbf06f2f464af5f318c5e833
ae587124abe92df9a591137f5038db6cc7376af48559946185c4ffdbf5c27d5f
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4
b445bad8e6fcb75a280aab0d13732970ddcb3e855e14f5281ec4200b871ac7ef
b76041737b756fd65607bbc028490dca7780c2fc5d73787c20e19a5e71776d4b
bbd3d9aef930859117df3aa9f5872babf077d42e96f48a4522057bece3a07952
bcc44281557cd646b8bddfd843c8f52c6ff48826720fb1b1a21dd5e5f9ae81c1
c1c699539291c57484493fa2d8a38caf5db6d2f40cea88139f7c1c301d50bc08
c28c1b032643280830e17cda07020b339340696ddead910a86c7c99fecd6cc7d
c582ae17a32c1a4d865e630b2c0a1f999c701ed7bf9b23bf5d8e7f708b9de9b1
c6af70ddecf303e9343e24c545b11a9df64249133f2ac0e494a59cf2a4070126
cd14007b2af9067305acf14109ea6daa709434fd78fdb81d2c8247b4b237aec0
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507
d85c52d1490988697d148ece1feccc9ab9f3ea039fd745a33c4589772d23f7e7
da71cae6b3191160eb7def121ad64c0caa8a4ac2e74c70299bcd9eecb4122e0d
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
dd967e616301cab9256f9ac11ec95ba92f0827a32b71600f50173e6e0ccd0caf
ddddca89f22892de575454b6b5a0853664d069c8c286f32b5e849d25018f540f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df4cd6f3b2e248d442621dc6ce284302b126f9af816cab8b60281725200d5190
e232aae687c650aa7b27325fbc51ad63c2c30b670d1b2d32fe9f6c8570879b7c
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3aab29c60242d216955b101a20e3782f3617eb3a3f819b05ddc458152bf2af7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e562693b9972e008fd274cb48216b5d229ecc6a821eff95c2a7c6f88c38b5c0b
e645fbc4be540984816b9a54cb0b20f647aef754472bd7caa4cdc7ea71f38b03
e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc
e720c08cd4b48b3abb52c02fbc43332b34c4d14b3f3da4ff5f30413d60513782
eb1ba6ef1dd91fd9eb48efb027f86039a6e32327f6eafba0073ad1c629f3f22e
ebce13bdad79a11269a32d84672299bcd15d00266d09f65334e4ea4d68af9a97
ecba06a7bb378fae1c62d7ef2e83119d7c8a40c07a96b67078a3155f56eeac84
ed35d124de5ef9b55812676e1151522849add4185b7437c0c3973f7a64e3e0a5
ee4cfb80dd25cc2c164efef4ebc1b0ba0e31627dcb02eca8a726bb49347ceeb3
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee6081b33aa9e8eaad724e592d1a557528b75919799936f98ac3e89171908838
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe00f3d426a1183ac172be8a38d86a5ac8c0862319f0a7df120407ab7c05291
f04b8f220d4f27a70534904566ed0764ba5d4982d5a09f0977b04eeb425b6b03
f0d959c83bf0a2a3a766bbbe60820b83f3857f0f3894ec75e3a29be8f057f77a
f104737c36fc80ba61d0cd43deda1344fed25306d5f180fab18f27b73e234717
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f324c06e9e87405a95bfd62767836e03f5365df485a050564a4bcea15d1e82fa
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6c84a15873bbae73ff06857139327b85a6869fa0e21d36666aa2bb5d9bbb19b
fa85a4366200f608a99ecf4b1b933babdd9c5662cbe5d518b3daa57e53dbd85b
fa8ce895912c640c6fe091a30fdabd8284b4acff31c5bcbfc482b53ea859849a
fe6d0bb0e9a09a08b1e1129046fa124954bc541e1c8915a321df382f4a66bbce
ffbfc1cb7d42d0ea77128be1d5f48e6962147f22159e6cdfdcc714357db8494a

www.elle.com Open in urlscan Pro 151.101.64.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

322 Requests

87 %HTTPS

36 %IPv6

62 Domains

95 Subdomains

72 IPs

12 Countries

14779 kBTransfer

21815 kBSize

55 Cookies

11 Outgoing links

Redirected requests

322 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.elle.com Open in urlscan Pro
151.101.64.155 Public Scan

Screenshot
Live screenshot

Full Image

322
Requests

87 %
HTTPS

36 %
IPv6

62
Domains

95
Subdomains

72
IPs

12
Countries

14779 kB
Transfer

21815 kB
Size

55
Cookies

322 HTTP transactions
6 data transactions