tw.beautyplayer.ca Open in urlscan Pro
35.201.236.149 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://lihi1.com/q06Aw
Effective URL:
https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Submission: On January 10 via manual (January 10th 2022, 4:26:43 am UTC) from DE — Scanned from DE

Summary HTTP 181 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 36 IPs in 7 countries across 26 domains to perform 181 HTTP transactions. The main IP is 35.201.236.149, located in Taipei, Taiwan and belongs to GOOGLE, US. The main domain is tw.beautyplayer.ca.
TLS certificate: Issued by R3 on November 22nd 2021. Valid for: 3 months.

This is the only time tw.beautyplayer.ca was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.244.149.249 35.244.149.249	15169 (GOOGLE) (GOOGLE)
9	35.201.236.149 35.201.236.149	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2606:4700:10:... 2606:4700:10::6816:917	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2606:4700:10:... 2606:4700:10::6816:817	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:1ec:27::... 2620:1ec:27::cafe:2080	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
10	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 4	2a00:1450:401... 2a00:1450:4019:803::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
3	52.182.214.99 52.182.214.99	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
17	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	143.204.98.23 143.204.98.23	16509 (AMAZON-02) (AMAZON-02)
3	34.213.95.5 34.213.95.5	16509 (AMAZON-02) (AMAZON-02)
1	34.117.219.39 34.117.219.39	15169 (GOOGLE) (GOOGLE)
4	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
40	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	13.225.80.89 13.225.80.89	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	2.18.232.182 2.18.232.182	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.193.122 13.224.193.122	16509 (AMAZON-02) (AMAZON-02)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	13.224.193.73 13.224.193.73	16509 (AMAZON-02) (AMAZON-02)
1	147.92.191.92 147.92.191.92	38631 (LINE LINE...) (LINE LINE Corporation)
1	2600:9000:20e... 2600:9000:20eb:6200:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
181	36

1 35.244.149.249 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 249.149.244.35.bc.googleusercontent.com

lihi1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.201.236.149 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)
PTR: 149.236.201.35.bc.googleusercontent.com

tw.beautyplayer.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:10::6816:917 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.qdm.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2606:4700:10::6816:817 (United States)

ASN13335 (CLOUDFLARENET, US)

image-cdn.qdm.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image-cdn-flare.qdm.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:2080 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4019:803::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

chart.apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.182.214.99 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

g.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-23.fra50.r.cloudfront.net

cdn.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.213.95.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-95-5.us-west-2.compute.amazonaws.com

dmp.eland-tech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.219.39 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 39.219.117.34.bc.googleusercontent.com

fp.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
scontent.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.182 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-182.deploy.static.akamaitechnologies.com

d.line-scdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-122.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-73.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 147.92.191.92 (Japan)

ASN38631 (LINE LINE Corporation, JP)

tr.line.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:6200:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.76.93 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 658 scontent.xx.fbcdn.net — Cisco Umbrella Rank: 357	1 MB
35	qdm.cloud cdn.qdm.cloud image-cdn.qdm.cloud image-cdn-flare.qdm.cloud — Cisco Umbrella Rank: 970172	3 MB
17	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	56 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	79 KB
9	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 8 analytics.google.com — Cisco Umbrella Rank: 971 chart.apis.google.com — Cisco Umbrella Rank: 32186	2 KB
9	beautyplayer.ca tw.beautyplayer.ca	74 KB
8	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 78	5 KB
7	google.se www.google.se — Cisco Umbrella Rank: 22577	883 B
7	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 202	34 KB
6	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1488 g.clarity.ms — Cisco Umbrella Rank: 4089 c.clarity.ms — Cisco Umbrella Rank: 998	25 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	215 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	281 KB
4	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 3837	61 KB
4	holmesmind.com 1 redirects fp.holmesmind.com — Cisco Umbrella Rank: 125763 cdn.holmesmind.com — Cisco Umbrella Rank: 129170 c.holmesmind.com — Cisco Umbrella Rank: 91878	4 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 573 script.hotjar.com — Cisco Umbrella Rank: 719 vars.hotjar.com — Cisco Umbrella Rank: 857	64 KB
3	eland-tech.com dmp.eland-tech.com — Cisco Umbrella Rank: 173936	6 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 398	15 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 385	7 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 258 fonts.googleapis.com — Cisco Umbrella Rank: 37	31 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 97	16 KB
1	line.me tr.line.me — Cisco Umbrella Rank: 8448	425 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 740	715 B
1	line-scdn.net d.line-scdn.net — Cisco Umbrella Rank: 7324	10 KB
1	doublemax.net cdn.doublemax.net — Cisco Umbrella Rank: 296369	2 KB
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 239	550 B
1	lihi1.com 1 redirects lihi1.com — Cisco Umbrella Rank: 764926	745 B
181	26

	Domain	Requested by
39	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
18	cdn.qdm.cloud	tw.beautyplayer.ca cdn.qdm.cloud
17	www.facebook.com	connect.facebook.net tw.beautyplayer.ca ajax.googleapis.com static.xx.fbcdn.net
14	image-cdn-flare.qdm.cloud	tw.beautyplayer.ca
10	www.google-analytics.com	tw.beautyplayer.ca www.googletagmanager.com www.google-analytics.com
9	tw.beautyplayer.ca	tw.beautyplayer.ca ajax.googleapis.com
7	www.google.se	tw.beautyplayer.ca
7	cdnjs.cloudflare.com	tw.beautyplayer.ca cdn.qdm.cloud
6	www.google.com	1 redirects tw.beautyplayer.ca
5	connect.facebook.net	tw.beautyplayer.ca connect.facebook.net
5	www.googletagmanager.com	tw.beautyplayer.ca www.googletagmanager.com
4	static.addtoany.com	tw.beautyplayer.ca static.addtoany.com
4	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
4	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
3	dmp.eland-tech.com	cdn.qdm.cloud dmp.eland-tech.com cdn.jsdelivr.net
3	g.clarity.ms	www.clarity.ms g.clarity.ms
3	image-cdn.qdm.cloud	tw.beautyplayer.ca cdn.qdm.cloud
2	c.holmesmind.com	1 redirects cdn.holmesmind.com
2	cdn.jsdelivr.net	dmp.eland-tech.com
2	s.yimg.com	tw.beautyplayer.ca s.yimg.com
2	c.clarity.ms	1 redirects tw.beautyplayer.ca
2	analytics.google.com	www.googletagmanager.com
2	www.googleadservices.com	tw.beautyplayer.ca www.googleadservices.com
1	scontent.xx.fbcdn.net
1	cdn.holmesmind.com	cdn.doublemax.net
1	tr.line.me	tw.beautyplayer.ca
1	vars.hotjar.com	static.hotjar.com
1	sp.analytics.yahoo.com	tw.beautyplayer.ca
1	script.hotjar.com	static.hotjar.com
1	d.line-scdn.net	tw.beautyplayer.ca
1	static.hotjar.com	www.googletagmanager.com
1	fp.holmesmind.com	cdn.doublemax.net
1	cdn.doublemax.net	cdn.qdm.cloud
1	fonts.googleapis.com	tw.beautyplayer.ca
1	c.bing.com	1 redirects
1	ajax.googleapis.com	tw.beautyplayer.ca
1	chart.apis.google.com	tw.beautyplayer.ca
1	www.clarity.ms	tw.beautyplayer.ca
1	lihi1.com	1 redirects
181	39

This site contains links to these domains. Also see Links.

Domain
line.naver.jp
www.messenger.com
www.facebook.com
youtu.be
www.instagram.com
image-cdn-flare.qdm.cloud
chart.apis.google.com
qdm.tw
www.addtoany.com

Subject Issuer	Validity	Valid
tw.beautyplayer.ca R3	`2021-11-22` - `2022-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-01-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
*.doublemax.net Go Daddy Secure Certificate Authority - G2	`2021-04-24` - `2022-05-26`	a year	crt.sh
dmp.eland-tech.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-14` - `2022-05-14`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-12-20` - `2022-02-09`	2 months	crt.sh
line-apps.com DigiCert SHA2 Secure Server CA	`2021-11-20` - `2022-11-22`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-19` - `2022-04-13`	6 months	crt.sh
*.line.me GlobalSign RSA OV SSL CA 2018	`2020-06-17` - `2022-09-05`	2 years	crt.sh

This page contains 13 frames:

Primary Page: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Frame ID: 35B85B953DDF840F3230E27CBDE43A03
Requests: 128 HTTP requests in this frame

Frame: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7647-3LCQBgTb4tShv287F5wn1CoOpwtoqkRV&CFFPCKUUID=8624-oPW9f5V7fxij3k4nuG4CPo52hXwuPAYm&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&maindomain=tw.beautyplayer.ca
Frame ID: 1F148F5F8EF81EA0F68680698767DBB6
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fbeautyplayermask/&tabs&width=500&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=138789459815890
Frame ID: 7A7D586F2CB79BA4302CBF26544EC205
Requests: 2 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.23.html
Frame ID: 9D9F631215CC88D38A408A0CE92917F7
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Frame ID: 59D5BD0DA73AB90465A25130F9C252F7
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: BED53376B530574B65AC11867BEF1585
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm?rtid=8282001
Frame ID: AB41A3D2D6F14DDCBD433AF4714C7457
Requests: 2 HTTP requests in this frame

Frame: https://dmp.eland-tech.com/dmpreceiver/viewreceiver?&DMP_SR=CAP8282&target=usual&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&refer_url=&platform=PC&os=Windows&browser=Chrome&subDomain=%E5%84%AA%E6%83%A0%E6%B4%BB%E5%8B%95&trackType=view&adSrTag=bpsms&adMediumTag=sms&adCampaignTag=cny-chic20220110&ce=1&item_name=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84&item_id=182&fp2=1645b1b280554ccefc7957712a9806f4&
Frame ID: 0425466B16123AACECE61C2F25279D2F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/comments.php?app_id=168793843734901&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df132642ded420ec%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182&locale=en_US&numposts=5&order_by=time&sdk=joey&version=v12.0&width=
Frame ID: DC3706DCAE3DD8CD4A9FFAFF20D4B4A4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=168793843734901&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df247362e975671%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&greeting_dialog_delay=1&greeting_dialog_display=fade&locale=en_US&log_id=48126209-2aa4-463b-81ce-b14ec0bbea6e&logged_in_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&logged_out_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&page_id=370587236668314&ref=QDM&request_time=1641788800547&sdk=joey&theme_color=%23dd2a2e
Frame ID: 5BCAB168488507BD4927C3C2EC9D1F30
Requests: 39 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: A5155DC68BEB24F333ACDDD13B2AF21B
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: 533D54C887EF356C496D36AB8F5B9C2B
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
Frame ID: DE99B74475D82B8A9E3E1E832D2C59FA
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

享受不寂寞聯名組 | Beauty Player愛美玩家

Page URL History Show full URLs

https://lihi1.com/q06Aw HTTP 302
https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=... Page URL

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

181
Requests

98 %
HTTPS

59 %
IPv6

26
Domains

39
Subdomains

36
IPs

7
Countries

5616 kB
Transfer

12372 kB
Size

54
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://line.naver.jp/ti/p/~@beautyplayer
Title: LINE官方帳號

Search URL Search Domain Scan URL

URL: https://www.messenger.com/t/beautyplayermask/
Title: Facebook訊息

Search URL Search Domain Scan URL

URL: https://www.facebook.com/beautyplayermask/

Search URL Search Domain Scan URL

URL: https://youtu.be/JZVB3fifYRk

Search URL Search Domain Scan URL

URL: https://www.instagram.com/beautyplayermask/

Search URL Search Domain Scan URL

URL: https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/cache/data/___3-max-w-1024.jpg

Search URL Search Domain Scan URL

URL: https://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110

Search URL Search Domain Scan URL

URL: https://qdm.tw/
Title: QDM

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://lihi1.com/q06Aw HTTP 302
https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753074300/?random=1148154132&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=fLXbYbTCDc-Wx_APrqGg8A8&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/753074300/?random=1148154132&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=fLXbYbTCDc-Wx_APrqGg8A8&random=2991980450&resp=GooglemKTybQhCsO HTTP 302
https://www.google.se/pagead/1p-conversion/753074300/?random=1148154132&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=fLXbYbTCDc-Wx_APrqGg8A8&random=2991980450&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Request Chain 40

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=0A994C2D7C204F76A3591260AA00B359&RedC=c.clarity.ms&MXFR=38B8C5FE895A6FE60532D4D68D5A611B HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=0A994C2D7C204F76A3591260AA00B359&MUID=26A1A832BE0365601F3CB91ABFD1646A

Request Chain 127

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

181 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request product&product_id=182 Show response
tw.beautyplayer.ca/product/
Redirect Chain

https://lihi1.com/q06Aw
https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

157 KB
35 KB

1205ms
631ms

Document
text/html

35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

43413331dd7b9f25dffca652505fd013f7f29b53846a3962788fe9574d9669a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 10 Jan 2022 04:26:35 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
last-modified: Mon, 10 Jan 2022 04:26:35 GMT
x-frame-options: SAMEORIGIN SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
x-ua-compatible: IE=Edge
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload;

Redirect headers

server: nginx/1.14.0 (Ubuntu)
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
date: Mon, 10 Jan 2022 04:26:34 GMT
location: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
via: 1.1 google
alt-svc: clear

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 167 KB
62 KB 110ms
66ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TE53XM4LCT

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

968e8defd809f51313b2635b79518c270e3b15fd9e51f3b1d46312c2d6a5c467

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 63261
x-xss-protection: 0
expires: Mon, 10 Jan 2022 04:26:36 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
51 KB 84ms
40ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-456773823

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ccd506e16978471e089e8fc5d1b115f675749381d8eacb9da570f3cfa608b785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51542
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 04:26:36 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 81ms
34ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14724
x-xss-protection: 0
server: cafe
etag: 224124413464385116
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 10 Jan 2022 04:26:36 GMT

GET
H2 200 picturefill.min.js Show response
cdnjs.cloudflare.com/ajax/libs/picturefill/3.0.3/ 12 KB
5 KB 64ms
25ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/picturefill/3.0.3/picturefill.min.js

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 423835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f8b-2e1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fzUzOuwkRPNZaVCSFDcqoE73LmZAGN8B3IXHc%2B3ujIj5RaiR7bG5wM2Xd%2FULxQ9L3mLfzpOXOwWym5733rXTaa2feAli12QX5Qx3S59KxqLXIFd4RhDfahUE%2BZcDetwlFx5FieX73IGLuiTWnL84G%2Fnj"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb325e898e18b96-FRA
expires: Sat, 31 Dec 2022 04:26:36 GMT

GET
H2 200 core.210624v01.css
cdn.qdm.cloud/min/css/ 332 KB
62 KB 102ms
35ms Stylesheet
text/css 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/min/css/core.210624v01.css
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 795bc7f554c422da54e1304194a9fca72b848f03c3df4f8bb939cb99a95763be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1304445
x-guploader-uploadid: ADPycdsTce4QmFfHZxo3v11e3du8axjoCPMjvAxAEVJ9f5E7JRGgH9inPCv04gVpN1aZ1VsTRWyqZzHtXACf5TFE8XDk1cE91w
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 24 Jun 2021 07:38:08 GMT
server: cloudflare
etag: W/"1f85449c720958c148c126e7bebab97a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Qd2KIg==, md5=H4VEnHIJWMFIwSbnvrq5eg==
x-goog-generation: 1624520288656626
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 339479
cf-ray: 6cb325e82ae98b8d-FRA
expires: Sun, 26 Dec 2021 03:05:51 GMT

GET
H2 200 skin-4.css
cdn.qdm.cloud/min/css/theme/ 4 KB
1 KB 118ms
51ms Stylesheet
text/css 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/min/css/theme/skin-4.css?v=181026001
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a4165eac77eaa4a5d13e5c9d590fce1c956dd3227655988d5f80c7a9fd0698

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1203934
x-guploader-uploadid: ABg5-UzJghDTG4cMNXVk4IunwGcWoe9nsARU6HR40AUgK0KLrFwT8IwfihHzimzyYV5o7fcNugRMzCDsWxzr6_px_5LCm7Y-kQ
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 17 Aug 2017 16:30:36 GMT
server: cloudflare
etag: W/"051ab848b6a2e2722e1be673be46cf1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=7HLwtQ==, md5=BRq4SLai4nIuG+ZzvkbPHA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1502987436464847
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3863
cf-ray: 6cb325e82aec8b8d-FRA
content-type: text/css
expires: Mon, 27 Dec 2021 07:01:02 GMT

GET
H2 200 custom_theme.css
image-cdn.qdm.cloud/site/q58f7434b783e1/ 10 KB
3 KB 108ms
41ms Stylesheet
text/css 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://image-cdn.qdm.cloud/site/q58f7434b783e1/custom_theme.css?v=20211029122944

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ce9d1cb8c782ff9b26709772092323c8bfa828c89968bffd9c55476c8ac312f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1224568
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 29 Oct 2021 04:29:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"617b78bf-29e6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6cb325e82b422bad-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 002_1.jpg
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 189 KB
190 KB 43ms
32ms Image
image/jpeg 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/002_1.jpg

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7bb6cb8d00f7f3642d52cfaf3972a5bed4f3b138ecf683358826828b47ee8ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 238568
strict-transport-security: max-age=63072000; includeSubDomains; preload;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 193721
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 13 Nov 2020 07:46:38 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5fae39de-2f4b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cf-bgj: h2pri
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325e86b8c2bad-FRA
expires: Thu, 08 Jan 2032 04:26:36 GMT

GET
H2 200 99n8zhelys Show response
www.clarity.ms/tag/ 998 B
1 KB 279ms
138ms Script
application/x-javascript 2620:1ec:27::cafe:2080
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/99n8zhelys
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:2080 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 2a7890db9205c713a008765f47b197aa7c651c274c9af7289b535838319203c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:35 GMT
x-powered-by: ASP.NET
x-azure-ref: 0fLXbYQAAAAA4ygKwdzDhTrSFe6/FV+G/TFRTRURHRTEyMjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695
content-length: 998
expires: -1

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 340ms
49ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5130
date: Mon, 10 Jan 2022 03:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 10 Jan 2022 05:01:06 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 88ms
50ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: k50Dbcxi9KI92FXVUTl7Za2jZ0XsMfssTJOtETNxrANDokw4iRI7Xiw8mS3Kc0x1LPWNsDFbpVInJe79aPP5wQ==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/753074300/ 2 KB
1 KB 26ms
25ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/753074300/?random=1641788796202&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

a8c0371b1d58766c3901c4bbe28412523e5229e19d69236456d9dcb820e14324

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1194
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.php Show response
tw.beautyplayer.ca/ 381 B
2 KB 1709ms
1708ms XHR
text/html 35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.beautyplayer.ca/index.php?route=pixcel/facebook/capi_page_view&quuid=q58f7434b783e1ce13fd1a-d54e-4638-8848-08e1fc26c2d4v

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

741971ff7803fb47bee29bbef87ca9e733e6c2d466db1d4947fdb4c78fb451d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 04:26:37 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 165 KB
61 KB 58ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-TE53XM4LCT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-456773823

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2524cb51f4ac2491ca4625669b81edd2880561940199c8b119803c56c9b7d1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62361
x-xss-protection: 0
expires: Mon, 10 Jan 2022 04:26:36 GMT

GET
H3

200

/
www.google.se/pagead/1p-conversion/753074300/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/753074300/?random=1148154132&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=160...
https://www.google.com/pagead/1p-conversion/753074300/?random=1148154132&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_t...
https://www.google.se/pagead/1p-conversion/753074300/?random=1148154132&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz...

42 B
64 B

55ms
30ms

Image
image/gif

2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-conversion/753074300/?random=1148154132&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=fLXbYbTCDc-Wx_APrqGg8A8&random=2991980450&resp=GooglemKTybQhCsO&ipr=y&prhg=0

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.se/pagead/1p-conversion/753074300/?random=1148154132&cv=9&fst=1641788796202&num=1&value=0&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=fLXbYbTCDc-Wx_APrqGg8A8&random=2991980450&resp=GooglemKTybQhCsO&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
349 B 66ms
23ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TE53XM4LCT&gtm=2oe150&_p=520779674&sr=1600x1200&_gaz=1&ul=en-us&cid=1925182564.1641788796&_s=1&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&dt=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&sid=1641788796&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE53XM4LCT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 325ms
25ms Ping
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-TE53XM4LCT&cid=1925182564.1641788796&gtm=2oe150&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE53XM4LCT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:36 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 321ms
29ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-TE53XM4LCT&cid=1925182564.1641788796&gtm=2oe150&aip=1&z=121551829

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 index.php Show response
tw.beautyplayer.ca/ 384 B
2 KB 1608ms
1608ms XHR
text/html 35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.beautyplayer.ca/index.php?route=pixcel/facebook/capi_view_product&quuid=q58f7434b783e1ce13fd1a-d54e-4638-8848-08e1fc26c2d4c

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

34def0e6a88c20ae9e9a758d9701b72349f9bd7d34b65c33b54e17293bf4a2f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 04:26:37 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 1ca6802282a04df980c668c2b84ef950.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 17 KB
17 KB 57ms
33ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/1ca6802282a04df980c668c2b84ef950.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4b6c563193d09d793755432a997b188440678d0f5fd7919ed43278d909b29df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 238566
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17381
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 07:22:05 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffb41d-43e5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325e96da94db8-FRA
expires: Thu, 08 Jan 2032 04:26:36 GMT

GET
H3 200 300b75a3ca6a75562acb5663f4716b0f.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 17 KB
18 KB 53ms
30ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/300b75a3ca6a75562acb5663f4716b0f.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9198dcdced5cf7322886ea8765f2e5f29cb35a83210d0a3bd8297e38803f2e43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 260823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17643
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 07:13:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffb20e-44eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325e96dad4db8-FRA
expires: Thu, 08 Jan 2032 04:26:36 GMT

GET
H3 200 __5.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 17 KB
17 KB 89ms
66ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/__5.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0657b321f3ca97ae4c1d9ecc7531e525cd848e34470c607bacf4fca88b62a297

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 663937
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17253
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 07:31:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffb63d-4365"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325e99dd74db8-FRA
expires: Thu, 08 Jan 2032 04:26:36 GMT

GET
H3 200 d3e548435abbeeb50c2cd9f75d52f345.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 18 KB
18 KB 87ms
65ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/d3e548435abbeeb50c2cd9f75d52f345.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9341818c2f2b8e44e4063d08d1ed8cca78e005eebce07f30720f33ff898fcd42

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 238565
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18453
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 06:59:13 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffaec1-4815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325e96da34db8-FRA
expires: Thu, 08 Jan 2032 04:26:36 GMT

GET
H3 200 35414daceae74c362e028405745515fa.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 16 KB
17 KB 70ms
48ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/35414daceae74c362e028405745515fa.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

037bc46815af4e3c6d7b9c938f56442d33faa44a500ed4eeb2703b85016b7633

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 260823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16810
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 06:57:27 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffae57-41aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325e96da74db8-FRA
expires: Thu, 08 Jan 2032 04:26:36 GMT

GET
H3 200 marquee-1591093360.css
cdn.qdm.cloud/static/marquee/ 942 B
948 B 61ms
39ms Stylesheet
text/css 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/marquee/marquee-1591093360.css
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6c31639ddf311ea2b65e8499727551319cb0a8181f878633f4e8c23817d2940

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 265607
x-guploader-uploadid: ADPycdtxxu7qfcElx_5q4w07R3iJXykfTJFu0tfyAva_RofiV8n5BmT6ZRmWPjeGcsRGylmgDHC9fEEGiTWcd14ZzRY
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Jun 2020 10:22:56 GMT
server: cloudflare
etag: W/"6b441862dcc8a3d773ce1c7f5c4ac929"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=S4h//w==, md5=a0QYYtzIo9dzzhx/XErJKQ==
x-goog-generation: 1591093376525583
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 942
cf-ray: 6cb325e96df92b4d-FRA
expires: Fri, 07 Jan 2022 02:52:05 GMT

GET
H3 200 ___3-max-440.jpg
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/cache/data/ 102 KB
103 KB 1615ms
1613ms Image
image/jpeg 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/cache/data/___3-max-440.jpg

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daea98ebe5d7eb34741feb779041434fd72a3b591be8823a5888197bfb33e4b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 104947
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 08 Jan 2022 12:39:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61d985eb-199f3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325e99dd24db8-FRA
expires: Thu, 08 Jan 2032 04:26:37 GMT

GET
H2 200 chart
chart.apis.google.com/ 393 B
746 B 215ms
123ms Image
image/png 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://chart.apis.google.com/chart?cht=qr&chs=36x36&chld=l|0&chl=https://tw.beautyplayer.ca

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GoogleChartAPI/1.0 /

Resource Hash

8b2dd36634025bfd0f2db3e7cfa44ae1426eda2a37a8d3edee70e9ee398b949e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	ALLOWALL
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 02-May-2018 18:35:04 GMT
server: GoogleChartAPI/1.0
x-frame-options: ALLOWALL
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 393
x-xss-protection: 1; mode=block
expires: Tue, 11 Jan 2022 04:26:36 GMT

GET
H3 200 stars-0.png
cdn.qdm.cloud/qdm_base/catalog/view/theme/default/images/ 382 B
1 KB 33ms
32ms Image
image/webp 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.qdm.cloud/qdm_base/catalog/view/theme/default/images/stars-0.png
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e10d2afad84f95e40094bddcd7c36b714995477d02ffccce0c8b80f4a1f6c154

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
cf-cache-status: HIT
age: 270768
cf-polished: origFmt=png, origSize=716
x-guploader-uploadid: ADPycdvwYhyQiGX9EfpUCrWJzC55EXfXzkN16l1UJAy0nn9kKf7sGeWXFCf7QGKVeZuR1F1Jb7d0xA7OovQbs7NANb8
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="stars-0.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 382
expires: Fri, 07 Jan 2022 02:13:48 GMT
last-modified: Thu, 17 Aug 2017 16:36:33 GMT
server: cloudflare
content-language: en
etag: "c12a097428d48eda20f3a7da7090ca43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=5bSpiA==, md5=wSoJdCjUjtog86facJDKQw==
x-goog-generation: 1502987793882901
access-control-allow-origin: *
content-type: image/webp
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 716
accept-ranges: bytes
cf-ray: 6cb325e99e272b4d-FRA
cf-bgj: imgq:100,h2pri

GET
H2 200 3770f4221aef57e1e0db8d8dac153df6.png
tw.beautyplayer.ca/image/data/2021/07/28/ 29 KB
30 KB 546ms
545ms Image
image/png 35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tw.beautyplayer.ca/image/data/2021/07/28/3770f4221aef57e1e0db8d8dac153df6.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

8551b1aefbfbc04e3713231c0bf53ce958efe4aae83e538b353ebe6e4c2b09da

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
vary: Accept-Encoding
content-length: 29971
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Jul 2021 10:18:49 GMT
server: nginx
x-frame-options: SAMEORIGIN
etag: "61012f09-7513"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
cache-control: max-age=315360000
accept-ranges: bytes
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 LAB.min.js Show response
cdn.qdm.cloud/assets/js/ 5 KB
3 KB 31ms
30ms Script
application/javascript 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/assets/js/LAB.min.js
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf1fce150ff945b16370d23bed230287f97d36a1b0a13f62abeb89c2ca3f61e7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 422351
x-guploader-uploadid: ADPycdsEiP0A8Wq853H167nKT722xFS0Q4DywKmiybPsPWL6euQgMJ4OPV-HnhBnBEac_gV_845XK1Rdao20ud4Lok7E-77_Fg
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 4
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Thu, 17 Aug 2017 16:29:43 GMT
server: cloudflare
etag: W/"e842152f94c9b774040a36d6912188d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=GHLQtA==, md5=6EIVL5TJt3QECjbWkSGI2Q==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1502987383694018
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 5490
cf-ray: 6cb325e99e292b4d-FRA
content-type: application/javascript
expires: Wed, 05 Jan 2022 08:07:25 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 60ms
18ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 21:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 Jan 2023 21:13:12 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 35 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 36ms
16ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa8e78f3f30f1b267c9f993d4031ca93cb6e5ab03b78a1dd1b3fd342af0d0ea5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: a1/pkT9WSfsSj3VI0F9fbg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 10 Jan 2022 04:43:52 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: NvQyQXfh20q+W8CMakFJ/ZCoocgk39WCovcIC99RAuQIZygkFusj7rYFtQ4Hsq2NlC4d8USpE9BjMEnlR9JU5w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: cc98d74f064dc281258a69d00e0be5bb
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 Jan 2022 04:26:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "966dc857ba42cf060588967d7014ce99"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H3 200 plus.png
cdn.qdm.cloud/qdm_base/catalog/view/theme/default/images/ 42 B
749 B 31ms
30ms Image
image/webp 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.qdm.cloud/qdm_base/catalog/view/theme/default/images/plus.png
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/min/css/core.210624v01.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73690e3eeefa3672a9ddb120b26c962491612987fcd4bc9bc5df800943dcd6ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.qdm.cloud/min/css/core.210624v01.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
cf-cache-status: HIT
age: 254771
cf-polished: origFmt=png, origSize=128
x-guploader-uploadid: ADPycds9ZpbcDIuZWiFRxeM-ulcsp-B88UST_lsJfTHaAjElKNPRVYG6Xs3cXI9SYtpAcSzMlIR8n7uj1TZaGLFsFUc
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="plus.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42
expires: Fri, 07 Jan 2022 06:40:24 GMT
last-modified: Thu, 17 Aug 2017 16:36:31 GMT
server: cloudflare
content-language: en
etag: "11583b4ee2df7de3e2ea6ac1bd56be46"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=JZBVJA==, md5=EVg7TuLffePi6mrBvVa+Rg==
x-goog-generation: 1502987791182160
access-control-allow-origin: *
content-type: image/webp
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 128
accept-ranges: bytes
cf-ray: 6cb325e9ce502b4d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 sprite.png
cdn.qdm.cloud/qdm_base/catalog/view/theme/default/images/ 2 KB
3 KB 26ms
26ms Image
image/webp 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.qdm.cloud/qdm_base/catalog/view/theme/default/images/sprite.png
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/min/css/core.210624v01.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5742b8f76ab9ca3f8a4cab4fa849a9cae18a829585a6c36e5cd533b27a33dd5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.qdm.cloud/min/css/core.210624v01.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
cf-cache-status: HIT
age: 254771
cf-polished: origFmt=png, origSize=3180
x-guploader-uploadid: ADPycdvs5iwpxSaCoJoZGVFjJdVcJiO6TJsdjXnMd6PSJBgCqndFhmSsGpoaD8z2uGx31TfNxZKAeSCzfLWTk1QSLfo
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="sprite.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2008
expires: Fri, 07 Jan 2022 06:40:25 GMT
last-modified: Thu, 17 Aug 2017 16:36:33 GMT
server: cloudflare
content-language: en
etag: "b50a968a0c6089987a894b026942fdbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
x-goog-hash: crc32c=FRhQUw==, md5=tQqWigxgiZh6iUsCaUL9vg==
x-goog-generation: 1502987793416332
access-control-allow-origin: *
content-type: image/webp
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 3180
accept-ranges: bytes
cf-ray: 6cb325e9ce512b4d-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 core_product.190717001.css
cdn.qdm.cloud/assets/css/ 6 KB
3 KB 75ms
75ms Stylesheet
text/css 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/assets/css/core_product.190717001.css
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9832693ffd15a74c83268b71977ff8b9d1e5b5148d611fa0ca8b36656f336a82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1206253
x-guploader-uploadid: ABg5-UwLvqyvLLvnbJLO_lXSYjP4u6F0kEF_fPqKdxhZAipQQEWH0aUykIrv5MD6WvxpoBGQdCfbSczBGAwRjri0R0s
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Jul 2019 07:57:54 GMT
server: cloudflare
etag: W/"6f50258d0a4be524afdf7b33463b7d86"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=SYPklg==, md5=b1AljQpL5SSv33szRjt9hg==
x-goog-generation: 1563350274669278
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 6443
cf-ray: 6cb325eb98152b4d-FRA
expires: Mon, 27 Dec 2021 06:22:23 GMT

GET
H3 200 _1_12.jpg
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 2 MB
2 MB 1576ms
1576ms Image
image/jpeg 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/_1_12.jpg

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

025bf984fe836fd350f22da1b1b3a4435c6e04011162b8969fa31303a3943d14

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:38 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1895263
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Sun, 09 Jan 2022 10:35:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61daba6d-1ceb5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325eb5fa04db8-FRA
expires: Thu, 08 Jan 2032 04:26:37 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 285 KB
80 KB 37ms
18ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6293fc708ac9d3566cf3cb3dd7da5b1b1d5c5553ed6ffda5526651fed1f54fe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://tw.beautyplayer.ca/
Origin: https://tw.beautyplayer.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: nG2XLnbBur5FxMu1A7gpCw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Tue, 10 Jan 2023 03:52:14 GMT
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 82065
x-fb-rlafr: 0
x-fb-debug: iRcM7y1ZJhWghI2THWpN6JOvoPpRdkajcI18/aYRMp5DV/IskvplH6Q78Ze3jf0J0OubJ2gTyUEMNJxRiRuCGQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 18dc53950260d2a8c784145973c9ced5
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 Jan 2022 04:26:36 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "1230e9f9f39eb45e8773f3456ab4cd06"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 clarity.js Show response
g.clarity.ms/s/0.6.31/ 52 KB
23 KB 618ms
138ms Script
application/javascript 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/99n8zhelys
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
etag: "1d7ffcbff747e00"
last-modified: Sun, 02 Jan 2022 11:29:26 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
content-length: 22925
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=0A994C2D7C204F76A3591260AA00B359&RedC=c.clarity.ms&MXFR=38B8C5FE895A6FE60532D4D68D5A611B
https://c.clarity.ms/c.gif?CtsSyncId=0A994C2D7C204F76A3591260AA00B359&MUID=26A1A832BE0365601F3CB91ABFD1646A

42 B
368 B

35ms
35ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=0A994C2D7C204F76A3591260AA00B359&MUID=26A1A832BE0365601F3CB91ABFD1646A
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:36 GMT
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "f95a3e4769d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:36 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 47747C2FC6864CC3B811881E26C09523 Ref B: FRAEDGE1210 Ref C: 2022-01-10T04:26:37Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=0A994C2D7C204F76A3591260AA00B359&MUID=26A1A832BE0365601F3CB91ABFD1646A
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 index.php Show response
tw.beautyplayer.ca/ 122 B
1 KB 1034ms
1034ms XHR
text/html 35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.beautyplayer.ca/index.php?route=account/account/get_user_track&token=659

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

d7637bfb674c709b17f7575e15596e0f4e5ef38d5bd6a0d030dc3fafd9d30eb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 04:26:37 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 imagesloaded.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/4.1.4/ 5 KB
2 KB 45ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.imagesloaded/4.1.4/imagesloaded.pkgd.min.js

Requested by

Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/assets/js/LAB.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 254884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1606
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-15da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rhoMd6ckCQbd%2BoPTHqkG%2Fz3mlIYzilIXIBv0AML0JawX%2FE29zH9wqesjEmhGYYACTVFHkQaV5ftjpwK8Ju5vVRy%2Bndf%2BIHBsyY7pG8XYYNAYb4HRQsyHet2jpG%2FfLbhmdeQM4zWRCHvCUYoqxuoCWV2S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb325ebd8014e55-FRA
expires: Sat, 31 Dec 2022 04:26:36 GMT

GET
H3 200 is.min.js Show response
cdnjs.cloudflare.com/ajax/libs/is_js/0.9.0/ 13 KB
4 KB 48ms
26ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/is_js/0.9.0/is.min.js

Requested by

Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/assets/js/LAB.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96725eba539addee483b61331ebf23289dc26d3f34301c244b96be9f6a2822be

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7868804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3685
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03eb6-337d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pa85fI%2FdWhuuWrUNb4h3AtRIRQMv7x82lzNgVeruUI9wE1SN0D4sqgZ6X9%2BJltFKaIBLU9V18vXT9Io26JIKJRijKLkLcz9sj7t2TTr0OdK5CPZsqqaEugsWrLZ3BzxbhigcQfhu9wMwzTW8Hlq6ombW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb325ebdffb4e55-FRA
expires: Sat, 31 Dec 2022 04:26:36 GMT

GET
H3 200 font-awesome.min.css
cdn.qdm.cloud/static/fontawesome/v3.2.1/css/ 22 KB
5 KB 34ms
34ms Stylesheet
text/css 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v3.2.1/css/font-awesome.min.css
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 00fd2df9390c7d67af597048b08e76074882e2ee9e36b78c94488b26d97048fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 346088
x-guploader-uploadid: ADPycdsOn2MhLyBMKH-8g3XJchXVb2NfloWfu59BIdaanAupuAlqFpqxunqdL4NHUVxlrCJRelGgCqqYZZ17vw29J-2IWBT92w
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 20 Mar 2020 10:30:21 GMT
server: cloudflare
etag: W/"1149b886eef2f820b9a683aa202f0fbe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=nBSjZg==, md5=EUm4hu7y+CC5poOqIC8Pvg==
x-goog-generation: 1584700221622150
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 22102
cf-ray: 6cb325ebd8472b4d-FRA
expires: Thu, 06 Jan 2022 05:18:28 GMT

GET
H3 200 font-awesome.min.css
cdn.qdm.cloud/static/fontawesome/v4.7.0/css/ 30 KB
7 KB 53ms
53ms Stylesheet
text/css 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v4.7.0/css/font-awesome.min.css
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 654a6b90bd1e8379f0f7b0f3f418c3bad7ee695fbd8979b7c22a993a85765486

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1740305
x-guploader-uploadid: ADPycdtezdKMHpmN2eXiihyHklHo76Nkm4aKtANLLGMx-IGzRGOTj5_1A56dqFPOfaAWW1bA087bLT0kLNG_7PF3oROROkTuIg
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 20 Mar 2020 10:28:32 GMT
server: cloudflare
etag: W/"d5f872a7b5ef20cc7f17994008393c8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=rLbI6g==, md5=1fhyp7XvIMx/F5lACDk8iw==
x-goog-generation: 1584700112475367
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 31018
cf-ray: 6cb325ebd8492b4d-FRA
expires: Tue, 21 Dec 2021 02:01:31 GMT

GET
H3 200 all.min.css
cdn.qdm.cloud/static/fontawesome/v5.11.2/css/ 159 KB
30 KB 35ms
35ms Stylesheet
text/css 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/css/all.min.css
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e78b2c4adeef4c10bd954936428ab24878df81f959339c8f83d5886cfe176f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 1305261
x-guploader-uploadid: ADPycdu6NwqoQ2E3GntljJbzM8mWdsmu7xBliplLxw98HU-ba0qhPeBnRAq6Waeu2ji2r7Z3RTetsMSuU7hm34p4yNgNT1IQ1w
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 25 Sep 2019 09:07:38 GMT
server: cloudflare
etag: W/"0a4f9d4e59a60dc91ed451d57e4a8b80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Hd/y+A==, md5=Ck+dTlmmDcke1FHVfkqLgA==
x-goog-generation: 1569402458783277
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 163161
cf-ray: 6cb325ebd84c2b4d-FRA
expires: Sun, 26 Dec 2021 02:52:15 GMT

GET
H3 200 v4-shims.min.css
cdn.qdm.cloud/static/fontawesome/v5.11.2/css/ 26 KB
5 KB 32ms
32ms Stylesheet
text/css 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/css/v4-shims.min.css
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c6d5ac4c77a0cd4dcae820b87afd1ee0b18a72bf0dd8f7de168fd307ac47041

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 265957
x-guploader-uploadid: ADPycds1fY-KzlgsOrCAzbJ7Y1X6PIYrclEUuiFjJWSnkq7zN76jaQ8eGvBSs0E671c2HRJp5WB1rmjwmG9zEdZ_eCRmycL4gg
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 25 Sep 2019 09:07:39 GMT
server: cloudflare
etag: W/"3e9d03f6a39339eac3725fb123a921ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Zl9Q3A==, md5=Pp0D9qOTOerDcl+xI6kh7A==
x-goog-generation: 1569402459039031
access-control-allow-origin: *
content-type: text/css
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 26449
cf-ray: 6cb325ebd84e2b4d-FRA
expires: Fri, 07 Jan 2022 03:33:58 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
1 KB 69ms
26ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700&display=swap

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3253d08c20c480b1204b512fb5c6908a16cce0e919e4f5b27255e05a5e8f7bfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 03:58:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 10 Jan 2022 04:26:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 10 Jan 2022 04:26:36 GMT

GET
H3 200 animate.min.css
cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/ 70 KB
5 KB 35ms
27ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/animate.css/4.1.1/animate.min.css

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3309039
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4216
timing-allow-origin: *
last-modified: Mon, 07 Sep 2020 12:33:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f5628a2-11846"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RivGI4geRbuRl%2Fg1wUq6jiBkdeE7vXbAHaZIHtJ9s7SM4j9r8%2BOo0%2B0JPqhfV5srtxdpjwa%2BA18VeYffDiB0TIHy4Pp7qn9GL39SWKi%2BQ5di6efmVEnJpZTDFGB0%2BcMvgLgmSUxivbq1MjtLV8Zti4yb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb325ebdffe4e55-FRA
expires: Sat, 31 Dec 2022 04:26:36 GMT

GET
H3 200 iziToast.min.css
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/ 41 KB
10 KB 51ms
44ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/css/iziToast.min.css

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9371351
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 9391
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-a221"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OmaP2RazLsMaPKywm%2BZK2dHO4DNrDyPka2v%2BcwdyE6LAbsXZBxxCkAnAK6ZJ1ykiFnzoTajkTLCWu9OtkT3ihvOYa32n%2FkxDNZqzo43cYlPwcvpJ8qKiKALPNwCS5f%2FJS4jdBzXTVPyi2%2Ba9s3idh1%2BE"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb325ebdfff4e55-FRA
expires: Sat, 31 Dec 2022 04:26:36 GMT

GET
H3 200 global.css
image-cdn.qdm.cloud/site/q58f7434b783e1/ 1 KB
995 B 28ms
28ms Stylesheet
text/css 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://image-cdn.qdm.cloud/site/q58f7434b783e1/global.css?v=1615966548

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e94bb2e4afc6aac0df3ec5ec5217e4c6ca9a5f904dc6180cae06fbfc980ad80d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 101308
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 17 Mar 2021 07:35:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"6051b154-481"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000
cf-ray: 6cb325ebd8474db8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 75ms
40ms Fetch
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=168793843734901&input_token&origin=1&redirect_uri=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&sdk=joey&wants_cookie_data=true

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: qCK/ocgjBV4vfZ5bLDMNAO1BfnYk+2HkSKw+LaenRfPBQztksvFpOmm6PpQwQDO9JGmTjYRG0gFIYg8xzeMRvA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Mon, 10 Jan 2022 04:26:36 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://tw.beautyplayer.ca
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 51ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=168793843734901&ev=fb_page_view&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&rl=&if=false&ts=1641788796787&sw=1600&sh=1200&at=

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Mon, 10 Jan 2022 04:26:36 GMT

GET
H2 200 rtid.js Show response
cdn.doublemax.net/js/ 6 KB
2 KB 118ms
28ms Script
application/javascript 143.204.98.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doublemax.net/js/rtid.js
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/assets/js/LAB.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-23.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2ebf481ad1fe4748ce8d245789b791932eba20002be07411736b67b2d657a11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 10:35:00 GMT
server: AmazonS3
x-amz-cf-pop: FRA50-C1
etag: W/"5f97e0fe230f643dad2353b7e42baa8a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
date: Mon, 10 Jan 2022 04:26:36 GMT
x-amz-cf-id: 8U9k3DLXr9x4QAIUinPjocL1xxXqGdNP96gcRp-yg0WNgiuBk-ML8A==

GET
H/1.1 200
OK eland_tracker.js Show response
dmp.eland-tech.com/dmpreceiver/ 681 B
1 KB 712ms
175ms Script
application/javascript 34.213.95.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.eland-tech.com/dmpreceiver/eland_tracker.js
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/assets/js/LAB.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.95.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-95-5.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: fe534b792f5f25ace762a8e8ca1c8a13a319c23bc7f7f2d393d7007ffdba5202

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 04:26:36 GMT
Last-Modified: Tue, 30 Nov 2021 05:21:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"681-1638249670000"
Content-Type: application/javascript
Cache-Control: max-age=21600, no-cache="set-cookie"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 681
Expires: Mon, 10 Jan 2022 10:26:37 GMT

GET
H3 200 global.script.js Show response
image-cdn.qdm.cloud/site/q58f7434b783e1/ 19 B
486 B 27ms
26ms Script
application/javascript 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://image-cdn.qdm.cloud/site/q58f7434b783e1/global.script.js?v=1595239609

Requested by

Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/assets/js/LAB.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

278d14102432128ab17b3d80d91b20926afb66eebff52452d3b36270b42f5bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 260816
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 20 Jul 2020 10:06:49 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "5f156cb9-13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325ec188e4db8-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 iziToast.min.js Show response
cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/ 18 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/izitoast/1.4.0/js/iziToast.min.js

Requested by

Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/assets/js/LAB.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5391127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4440
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ebd-4836"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9p7EIFp7pr9QiexDuzLT31BSzONdef4QMombjzqFCReuj492n5Sac%2B%2Bg6vQDRPqnKEVn7tL6VG2FXhFGX82s1aT5SLvDSkFiLR6%2BnIKGhiAnKhCB9OTGtjWkDoA38LG50C1SBUpXUxXi7brs6MiqOfo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb325ec28584e55-FRA
expires: Sat, 31 Dec 2022 04:26:36 GMT

GET
H3 200 core.210831b.js Show response
cdn.qdm.cloud/assets/js/ 1 MB
315 KB 42ms
41ms Script
application/javascript 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/assets/js/core.210831b.js
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/assets/js/LAB.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5683b0ad30bc31d9076392f67a51516332d397d6a8cabcec66ec4448159c413

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: HIT
age: 678850
x-guploader-uploadid: ADPycdswvDNJqMp9a76ceg7cNl0_MbFVwp6O2FhkZ0IWgyPuAkfI22gdtcX1sCs5AQKgTIdH-4HUdWrdZEE7RYO-LhQB-swMNA
x-goog-storage-class: REGIONAL
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-goog-meta-
last-modified: Tue, 31 Aug 2021 07:39:51 GMT
server: cloudflare
etag: W/"0e967675f653d681592ac460106316a0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=Op8tvA==, md5=DpZ2dfZT1oFZKsRgEGMWoA==
content-language: en
access-control-allow-origin: *
x-goog-generation: 1630395591929879
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1150492
cf-ray: 6cb325ec28892b4d-FRA
content-type: application/javascript
expires: Sun, 02 Jan 2022 08:52:26 GMT

GET
H3 200 jquery.scrolldepth.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-scrolldepth/1.2.0/ 4 KB
2 KB 25ms
24ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-scrolldepth/1.2.0/jquery.scrolldepth.min.js

Requested by

Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/assets/js/LAB.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f028ba6a21099e00b3d4ba908e2e0cfc4e943eac6199e9a5d508beda2336df6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 513731
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1240
timing-allow-origin: *
last-modified: Fri, 03 Jul 2020 21:15:24 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eff9fec-eff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VQa5%2BU3ufLqxq3FfvoJN00lLM28aXt7dTlcEBhCfIXLr6NSvyu4XkyBBrHipneGl25eyzums0sRnw%2BxvxO%2FPSoGCzAD5Ruz8ElnhRnasY3I9YNCl1hIdmzF63rjlXaBaZ1xKTyvL4p1WE%2BCkWSDeJEI8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6cb325ec28594e55-FRA
expires: Sat, 31 Dec 2022 04:26:36 GMT

GET
H3 200 fontawesome-webfont.woff
cdn.qdm.cloud/static/fontawesome/v3.2.1/font/ 43 KB
43 KB 66ms
46ms Font
application/font-woff 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v3.2.1/font/fontawesome-webfont.woff?v=3.2.1
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/static/fontawesome/v3.2.1/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f

Request headers

Referer: https://cdn.qdm.cloud/static/fontawesome/v3.2.1/css/font-awesome.min.css
Origin: https://tw.beautyplayer.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
content-encoding: br
cf-cache-status: MISS
x-guploader-uploadid: ADPycdsG7_JR35DOoVv3fRoyeKK6T7Kzge2xwJVSIj3bvM_0pzMdmOhHB5DP8w5RM9TLByXAIBsd9_j2k4BsqI4f9m19WZ7aYA
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 20 Mar 2020 10:30:24 GMT
server: cloudflare
etag: W/"b683029bafe0305ac2234038a03e1541"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=jfJcQA==, md5=toMCm6/gMFrCI0A4oD4VQQ==
x-goog-generation: 1584700224587096
access-control-allow-origin: *
content-type: application/font-woff
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 43572
cf-ray: 6cb325ec5b8d5c14-FRA
expires: Mon, 10 Jan 2022 05:16:03 GMT

GET
H3 200 fa-regular-400.woff2
cdn.qdm.cloud/static/fontawesome/v5.11.2/webfonts/ 156 KB
157 KB 27ms
27ms Font
application/octet-stream 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/webfonts/fa-regular-400.woff2
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b

Request headers

Referer: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/css/all.min.css
Origin: https://tw.beautyplayer.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
cf-cache-status: HIT
age: 32626
x-guploader-uploadid: ADPycdv-0DJhf8_-eHOy_SsThmyZQp27R9x4jhuJEc9Llpkhqur2OJyQnWDAIoFSnKhIxdwSWxXLQZkpVDF09trFz-Qe003I6A
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 159884
last-modified: Wed, 25 Sep 2019 09:07:40 GMT
server: cloudflare
etag: "126e3505907e02ed1fdc86058cb4ce3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=0QnFRg==, md5=Em41BZB+Au0f3IYFjLTOOg==
x-goog-generation: 1569402460374268
access-control-allow-origin: *
content-type: application/octet-stream
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 159884
accept-ranges: bytes
cf-ray: 6cb325ecac0a5c14-FRA
expires: Sun, 09 Jan 2022 19:30:44 GMT

GET
H3 200 fontawesome-webfont.woff2
cdn.qdm.cloud/static/fontawesome/v4.7.0/fonts/ 75 KB
76 KB 40ms
40ms Font
application/octet-stream 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/static/fontawesome/v4.7.0/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://cdn.qdm.cloud/static/fontawesome/v4.7.0/css/font-awesome.min.css
Origin: https://tw.beautyplayer.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
cf-cache-status: HIT
age: 32626
x-guploader-uploadid: ADPycduRimnAvbrcEiDyI0FlooWjBVNzemotWPcL85u4aMg1bkOk9Nszp3y0yhCwHtcNjLetcoEBAJ3Yb1XHJkFhhJw
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
last-modified: Fri, 20 Mar 2020 10:28:36 GMT
server: cloudflare
etag: "af7ae505a9eed503f8b8e6982036873e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=hGsrhw==, md5=r3rlBanu1QP4uOaYIDaHPg==
x-goog-generation: 1584700116122099
access-control-allow-origin: *
content-type: application/octet-stream
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 77160
accept-ranges: bytes
cf-ray: 6cb325ecbc165c14-FRA
expires: Sun, 09 Jan 2022 19:30:44 GMT

GET
H3 200 fa-solid-900.woff2
cdn.qdm.cloud/static/fontawesome/v5.11.2/webfonts/ 127 KB
128 KB 70ms
69ms Font
application/octet-stream 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/webfonts/fa-solid-900.woff2
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca

Request headers

Referer: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/css/all.min.css
Origin: https://tw.beautyplayer.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
cf-cache-status: HIT
age: 32626
x-guploader-uploadid: ADPycdsb9sMOQOcOBq-ZvBNU_3d7bmQ7JiaGAJCwjcgl3cuLKZ9zMQ5lm_W6icE8cl6Q1RIS8Uj-5wue-9mmQa3x8PU
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 129832
last-modified: Wed, 25 Sep 2019 09:07:43 GMT
server: cloudflare
etag: "dbe8505cf4eb137c63b6c375e02c225e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=9NtjEQ==, md5=2+hQXPTrE3xjtsN14CwiXg==
x-goog-generation: 1569402463485146
access-control-allow-origin: *
content-type: application/octet-stream
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 129832
accept-ranges: bytes
cf-ray: 6cb325ecbc205c14-FRA
expires: Sun, 09 Jan 2022 19:30:44 GMT

GET
H3 200 fa-brands-400.woff2
cdn.qdm.cloud/static/fontawesome/v5.11.2/webfonts/ 74 KB
74 KB 72ms
72ms Font
application/octet-stream 2606:4700:10::6816:917
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/webfonts/fa-brands-400.woff2
Requested by: Host: cdn.qdm.cloud
URL: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6816:917 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b

Request headers

Referer: https://cdn.qdm.cloud/static/fontawesome/v5.11.2/css/all.min.css
Origin: https://tw.beautyplayer.ca
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:36 GMT
cf-cache-status: HIT
age: 32626
x-guploader-uploadid: ADPycdtwuhHbBpUlJn0OPhA3BuQmwlNmOdBENN6L2RAyANb096BS4PZSvFjn1RgwkH41MOobyBdoz_RZjqYN3iVWK4Y
x-goog-storage-class: ARCHIVE
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 75308
last-modified: Wed, 25 Sep 2019 09:07:43 GMT
server: cloudflare
etag: "10591474ee3e18d1e6aa6a24ded22f42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-goog-hash: crc32c=/JenUQ==, md5=EFkUdO4+GNHmqmok3tIvQg==
x-goog-generation: 1569402463804602
access-control-allow-origin: *
content-type: application/octet-stream
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 75308
accept-ranges: bytes
cf-ray: 6cb325ecbc215c14-FRA
expires: Sun, 09 Jan 2022 20:22:50 GMT

GET
H2 200 landing.php Show response
fp.holmesmind.com/ Frame 1F14 0
217 B 563ms
280ms Document
text/html 34.117.219.39
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fp.holmesmind.com/landing.php?CFFPCKUUIDMAIN=7647-3LCQBgTb4tShv287F5wn1CoOpwtoqkRV&CFFPCKUUID=8624-oPW9f5V7fxij3k4nuG4CPo52hXwuPAYm&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&maindomain=tw.beautyplayer.ca
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/rtid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.219.39 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 39.219.117.34.bc.googleusercontent.com
Software: nginx/1.20.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

server: nginx/1.20.0
date: Mon, 10 Jan 2022 04:26:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: *
access-control-allow-headers: x-requested-with,content-type
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/456773823/ 3 KB
1 KB 490ms
249ms Script
text/javascript 2a00:1450:4019:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456773823/?random=1641788797024&cv=9&fst=1641788797024&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8c4ff4f3181d523b6443fffb9548ee385b2a8da8915c1cd4b6aea1165c71970

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1156
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/456773823/ 3 KB
1 KB 284ms
253ms Script
text/javascript 2a00:1450:4019:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456773823/?random=1641788797235&cv=9&fst=1641788797235&num=1&value=1699.0000&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D182&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ab6c610d64f9b5e305f5ba15a8ef8696772c29ccc7e64f25e682af097104060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1196
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/456773823/ 42 B
64 B 53ms
27ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/456773823/?random=1641788797024&cv=9&fst=1641787200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&async=1&fmt=3&is_vtc=1&random=637911080&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.se/pagead/1p-user-list/456773823/ 42 B
64 B 29ms
29ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/456773823/?random=1641788797024&cv=9&fst=1641787200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&async=1&fmt=3&is_vtc=1&random=637911080&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/456773823/ 42 B
64 B 54ms
29ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/456773823/?random=1641788797235&cv=9&fst=1641787200000&num=1&value=1699.0000&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D182&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&async=1&fmt=3&is_vtc=1&random=1145470219&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.se/pagead/1p-user-list/456773823/ 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/456773823/?random=1641788797235&cv=9&fst=1641787200000&num=1&value=1699.0000&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Dview_item%3Bgoogle_business_vertical%3Dretail%3Bid%3D182&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&async=1&fmt=3&is_vtc=1&random=1145470219&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK el_load.min.js Show response
dmp.eland-tech.com/dmpreceiver/ 3 KB
3 KB 176ms
176ms Script
application/javascript 34.213.95.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.eland-tech.com/dmpreceiver/el_load.min.js
Requested by: Host: dmp.eland-tech.com
URL: https://dmp.eland-tech.com/dmpreceiver/eland_tracker.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.95.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-95-5.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: bd2a7dec65b8d4dd82207b374de33d9c487662bf95bdf62e5988ee540715ff25

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 04:26:37 GMT
Last-Modified: Tue, 30 Nov 2021 05:21:10 GMT
Server: Apache-Coyote/1.1
ETag: W/"3156-1638249670000"
Content-Type: application/javascript
Cache-Control: max-age=21600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3156
Expires: Mon, 10 Jan 2022 10:26:37 GMT

GET
H2 200 index.php Show response
tw.beautyplayer.ca/ 59 B
1 KB 313ms
312ms XHR
application/json 35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.beautyplayer.ca/index.php?route=common/header/getLoggedInUserInfo&token=16417887975871808

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

af78e6d4770cb789084342798f4f588d54172cd95c49586e575abb9fecf498d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 04:26:37 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 72 KB
26 KB 88ms
35ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 740
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 01 Dec 2021 08:23:25 GMT
server: cloudflare
etag: W/"11ee2-5d2116348919c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 6cb325f149cc68e6-FRA
cf-bgj: minify

GET
H2 200 index.php Show response
tw.beautyplayer.ca/ 87 B
730 B 277ms
276ms XHR
text/html 35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.beautyplayer.ca/index.php?route=product/product/review&product_id=182

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

ff22c0a16cea7a56432d406df46efcb15cc101fd95363bcd0afad5b84757e8c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 04:26:37 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 index.php Show response
tw.beautyplayer.ca/ 2 KB
2 KB 315ms
315ms XHR
text/html 35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.beautyplayer.ca/index.php?route=module/free_present

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

33e56f571071921b2e48316fb7be76b393c90a1ed70f3c43eb096fdce6498ca6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 04:26:37 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 page.php Show response
www.facebook.com/plugins/ Frame 7A7D 14 KB
6 KB 70ms
51ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fbeautyplayermask/&tabs&width=500&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=138789459815890

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b740795ac784852c04ab248451dddc5d6352a2594ab43abc811e37138f8d08bd

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: hY05Nn1HM9I0BFqxZ4edih0ZdPU9fMLe8hKG/DoJPvg/ZcMINW4U+Dgv8/8mUp0gPSfY2mdFv0bd6PAC4Xf7ug==
date: Mon, 10 Jan 2022 04:26:37 GMT
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i

POST
H2 204 collect Show response
g.clarity.ms/ 0
95 B 132ms
132ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: g.clarity.ms
URL: https://g.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://tw.beautyplayer.ca
date: Mon, 10 Jan 2022 04:26:37 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H3 200 299c6d05a285ff6f6326052441a2418c.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 17 KB
18 KB 29ms
29ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/299c6d05a285ff6f6326052441a2418c.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a2a595079620af2d843fd7bcfcb03301830e44b818ed8090a585c271aed97b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 842816
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17557
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 07:22:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffb42f-4495"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325f11e3c4db8-FRA
expires: Thu, 08 Jan 2032 04:26:37 GMT

GET
H3 200 6b61e781b3d16764895a15891830c4ae.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 17 KB
18 KB 32ms
31ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/6b61e781b3d16764895a15891830c4ae.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b692fd53c81453da0159529adc70d480b36f4d2efa340a9ffc2b8ab537a6fae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 235117
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17790
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 07:13:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffb21f-457e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325f11e3d4db8-FRA
expires: Thu, 08 Jan 2032 04:26:37 GMT

GET
H3 200 ___1.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 17 KB
17 KB 33ms
32ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/___1.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916238ac8a4b41b1942ec7ec7b09ceeaf822f8df462642d1edcf3136ff49780f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 308230
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17431
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 07:31:09 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffb63d-4417"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325f11e3e4db8-FRA
expires: Thu, 08 Jan 2032 04:26:37 GMT

GET
H3 200 f443928f8829bf2563006c4f1ae3d639.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 18 KB
19 KB 33ms
33ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/f443928f8829bf2563006c4f1ae3d639.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61580d5692d2fd4a668ef822483c0a553da8d3e694e3042e680946d2f60a6200

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413449
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 18548
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 07:03:21 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffafb9-4874"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325f11e3f4db8-FRA
expires: Thu, 08 Jan 2032 04:26:37 GMT

GET
H3 200 9b57b117b228e54b157d1be128f48421.png
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/ 17 KB
17 KB 49ms
49ms Image
image/png 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/data/9b57b117b228e54b157d1be128f48421.png

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38afa875175bdb5cb38939ea9026dec15843d8d0bd757e4ad156dacf2f4bc7e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 413448
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 16921
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 27 Jul 2021 07:01:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "60ffaf4e-4219"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/png
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325f11e434db8-FRA
expires: Thu, 08 Jan 2032 04:26:37 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
60 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQ3NPRP

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f399c96e81b1bff7d1a081542d80a2bf434bb7669c1c2614899acec6dc9bac30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61618
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 04:26:37 GMT

GET
H2 200 itlowDaSUU8.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame 7A7D 20 KB
6 KB 85ms
47ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/itlowDaSUU8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2Fbeautyplayermask/&tabs&width=500&height=214&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=138789459815890

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a1cbf1feb69e4d01568c109411b910de160679a430a8499b9ae981eecaa2b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wckN6NDF7i6aOePcXz7dDg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 4988
x-fb-rlafr: 0
x-fb-debug: vsgWktn0iQ/8lbMFylivKIBWgH8KyR9VHcc6Ae78b8GjpSw0NkzWUXx1jaRSJd3ofd24AzjbWjHq02qVUI14tQ==
x-fb-trip-id: 2050670934
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 Jan 2023 16:57:22 GMT

GET
H2 200 hotjar-1716948.js Show response
static.hotjar.com/c/ 4 KB
2 KB 116ms
48ms Script
application/javascript 13.225.80.89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1716948.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQ3NPRP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.80.89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-80-89.fra2.r.cloudfront.net

Software

Resource Hash

5fef9a937425abb2379443653df672230aa257d2b8aefbd97b1594cc35a3234c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
x-content-type-options: nosniff
cache-control: max-age=60
x-amz-cf-pop: FRA2-C2
etag: W/61651ed4f6bc054e6dfd877bda24e811
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cross-origin-resource-policy: cross-origin
content-length: 1889
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-id: K6oBFUNxTQPbX96tyr5WBrNvdC3YStX6wi6Pt-oLE-XpzVcgyHelzg==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 15 KB
6 KB 61ms
18ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

be008c63ddefca3ce28657d3bec71467649a1cd0d6d83631ba31fe61e82bef6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 10 Jan 2022 04:06:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1196
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5733
x-amz-id-2: ivai2Ri/8CCYBBwoVk/3iLVlW98YV/YueT4pkn6ahwlRzICIgXtUuJHOZ4efSnqmnVPSagj00p4=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 11 Feb 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 06 Jan 2022 11:58:19 GMT
server: ATS
etag: "5e3751507a07e4eab1dc62336254faa3-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: BQ3MH3VPS9NBG5B0
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: yimss6le6oItGvrWNEatTw9Yuf3OpsiL
accept-ranges: bytes
content-type: application/javascript

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 127 KB
47 KB 44ms
44ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PKQGGVF

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b6e38e4f23f04a06a6b713d04e72f4358579049e53b396c9598c37cc6b1ae26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47966
x-xss-protection: 0
last-modified: Mon, 10 Jan 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 10 Jan 2022 04:26:37 GMT

GET
H3 200 zh-TW.js Show response
static.addtoany.com/menu/locale/ 1 KB
1 KB 58ms
37ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/locale/zh-TW.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab9527ee8da2d5445dc3dd12fe937548092e9b358929f7342bb2526105d7a475

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 907669
cf-polished: origSize=1385
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 10 Nov 2018 02:45:12 GMT
server: cloudflare
etag: W/"569-57a467501695a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1209600
cf-ray: 6cb325f1cbbf6925-FRA
cf-bgj: minify

GET
H3 200 sm.23.html Show response
static.addtoany.com/menu/ Frame 9D9F 741 B
822 B 52ms
37ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.23.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
content-type: text/html; charset=utf-8
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
last-modified: Wed, 22 Sep 2021 23:42:51 GMT
etag: W/"2e5-5cc9e128a4c38"
cache-control: max-age=315360000, immutable
vary: Accept-Encoding
via: e4s
cf-cache-status: HIT
age: 1741162
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 6cb325f1cbc26925-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 icons.30.svg.js Show response
static.addtoany.com/menu/svg/ 77 KB
33 KB 45ms
38ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.30.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 5258949
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 10 Nov 2021 01:49:04 GMT
server: cloudflare
etag: W/"132a9-5d0656e4a26b3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 6cb325f1cbc36925-FRA
cf-bgj: minify

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
22 B 52ms
26ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-121829175-8&cid=1925182564.1641788796&jid=758890234&gjid=1969111668&_gid=1617351726.1641788798&_u=aCDAgEABEAAAAE~&z=948229569

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 Jan 2022 04:26:37 GMT
content-type: text/plain
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PKQGGVF

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5131
date: Mon, 10 Jan 2022 03:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 10 Jan 2022 05:01:06 GMT

GET
H2 200 lt.js Show response
d.line-scdn.net/n/line_tag/public/release/v1/ 32 KB
10 KB 552ms
18ms Script
application/javascript 2.18.232.182
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://d.line-scdn.net/n/line_tag/public/release/v1/lt.js
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.182 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-182.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 261595338fd9066332abdbde9ab8f2cf826985e226e2d03904777799e54c9665

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:38 GMT
content-encoding: gzip
last-modified: Tue, 10 Nov 2020 06:15:35 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=180
accept-ranges: bytes
content-length: 9865
expires: Mon, 10 Jan 2022 04:29:38 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
17ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=520779674&t=pageview&_s=1&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&ul=en-us&de=UTF-8&dt=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEABE~&jid=758890234&gjid=1969111668&cid=1925182564.1641788796&tid=UA-121829175-8&_gid=1617351726.1641788798&gtm=2wg150PKQGGVF&z=2069464679

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 16:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43218
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10045297.json Show response
s.yimg.com/wi/config/ 2 B
449 B 51ms
18ms XHR
application/json 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10045297.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:00:21 GMT
x-content-type-options: nosniff
age: 1576
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: YDQ5GW76W8T3VNYW
x-amz-id-2: r/tirpbFD3DZzz8eBahEP9XBQmhcY/fJ5BUVXx8Bf3tFjco5jsyMRud/vNnpCfzFtjn3Kx15HZU=
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
content-length: 2

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 17ms
17ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.48

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 20661
x-xss-protection: 0
pragma: public
x-fb-debug: axlmXtHiWlfgTVjpuyy9LhhKPztyNtYgZkDuOaTRHNajSl4Om+UJASbKxOUcIXZhJCPjaqOaChFnoMsWYfB5NA==
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:37 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 612070492607418 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 72ms
72ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/612070492607418?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ba22c3a0699d12fe7a0f6b82bb99e06bad77c6c7e02cb4ea8e3d34e1edfe3cdb

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: X/bZh39MSY0Np07s06NjJAxxmxuwu8Ui4TWgMPBw81nEXH1h6/IEEuWzoXnsBtaVr6u539PwcY9mlkHPkLrtbg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:37 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.2cec256bd961a22ae708.js Show response
script.hotjar.com/ 227 KB
60 KB 66ms
19ms Script
application/javascript 13.224.193.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.2cec256bd961a22ae708.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1716948.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.193.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-193-122.fra2.r.cloudfront.net

Software

Resource Hash

ea2f014468a380dc5df1c1d3d7cf09a9202ac27b502b2e4c35d3c8b92a0d5dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 06 Jan 2022 16:23:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 302611
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 60962
access-control-allow-origin: *
last-modified: Thu, 06 Jan 2022 16:22:19 GMT
etag: "fec35cd2e9a39968eda98ed1f6a8493e"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: rZwXX5mDH2EnSLGDHAA6TspwHy7apuRyPuAtvf761mzzq82MsuIz-A==

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
715 B 133ms
45ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Mon%2C%2010%20Jan%202022%2004%3A26%3A37%20GMT&n=0&b=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&.yp=10045297&f=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&enc=UTF-8&yv=1.11.0&tagmgr=gtm

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:37 GMT
x-content-type-options: nosniff
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security: max-age=31536000
accept-ranges: bytes
content-length: 43
referrer-policy: strict-origin-when-cross-origin
expires: Mon, 10 Jan 2022 04:26:37 GMT

GET
H2 200 box-a1ae2079824d1c48aa9ce06efb256f18.html Show response
vars.hotjar.com/ Frame 59D5 2 KB
1 KB 60ms
16ms Document
text/html 13.224.193.73
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vars.hotjar.com/box-a1ae2079824d1c48aa9ce06efb256f18.html
Requested by: Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1716948.js?sv=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-73.fra2.r.cloudfront.net
Software: /
Resource Hash: d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

content-type: text/html
content-length: 1044
date: Thu, 02 Dec 2021 15:53:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "6215abf691a11c2f451680e635d30daa"
last-modified: Thu, 02 Dec 2021 15:52:57 GMT
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 7a18a0a1d9929dae345690b88b08dd5e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: KQIUj_BE3yu6LqWrsGeZxCcg0RoROR4GyjwpWJpe9ZNhTCkt0cHMUQ==
age: 3328411

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 84ms
84ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=612070492607418&ev=PageView&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&rl=&if=false&ts=1641788797893&sw=1600&sh=1200&ud[external_id]=ef27a7747e30b5cb517b1e6378d577b4&v=2.9.48&r=stable&a=plQDM&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%222805207123141802%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22TWD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%22146911304050495%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1641788797892.216261007&it=1641788797787&coo=false&dpo=&eid=q58f7434b783e1ce13fd1a-d54e-4638-8848-08e1fc26c2d4v&rqm=GET

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:37 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 10 Jan 2022 04:26:37 GMT

GET
H2 200 index.php Show response
tw.beautyplayer.ca/ 507 B
1 KB 450ms
450ms XHR
text/html 35.201.236.149
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tw.beautyplayer.ca/index.php?route=module/cart

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.201.236.149 Taipei, Taiwan, ASN15169 (GOOGLE, US),

Reverse DNS

149.236.201.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

921e70ab99851ce4ccfe7895eafd17b010e35a4f0556a7e776069e7b7e5ea1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: text/html, */*; q=0.01
Referer: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
last-modified: Mon, 10 Jan 2022 04:26:38 GMT
server: nginx
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/456773823/ 3 KB
1 KB 253ms
253ms Script
text/javascript 2a00:1450:4019:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/456773823/?random=1641788797938&cv=9&fst=1641788797938&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&ig=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:803::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33c7b707c49507a95bb8ed5c779ff01983df7e379a05d86d98f2a05c5f979931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1160
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 17ms
17ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=612070492607418&ev=ViewContent&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&rl=&if=false&ts=1641788798090&cd[content_name]=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%A6%AE%E7%9B%92&cd[value]=1699&cd[currency]=TWD&sw=1600&sh=1200&ud[external_id]=ef27a7747e30b5cb517b1e6378d577b4&v=2.9.48&r=stable&a=plQDM&ec=1&o=30&fbp=fb.1.1641788797892.216261007&it=1641788797787&coo=false&dpo=&eid=q58f7434b783e1ce13fd1a-d54e-4638-8848-08e1fc26c2d4c&rqm=GET

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Mon, 10 Jan 2022 04:26:38 GMT

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 03:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Jan 2022 04:38:49 GMT

GET
H3 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:18:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 467
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 12:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 10 Jan 2022 05:18:51 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 94 KB
37 KB 41ms
41ms Script
application/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-P3QMSK4&t=newTracker&cid=1925182564.1641788796

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23f674dd996ed309468cec91c9785b83af197a817fbe55728fe657e6dbe6722b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37705
x-xss-protection: 0
expires: Mon, 10 Jan 2022 04:26:38 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 25ms
25ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-484577-12&cid=1925182564.1641788796&jid=311288333&gjid=1199172740&_gid=1617351726.1641788798&_u=aCDAgEIrUAAAAE~&z=1226905401

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 Jan 2022 04:26:38 GMT
content-type: text/plain
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 25ms
25ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-126641399-1&cid=1925182564.1641788796&jid=1500986058&gjid=1797353614&_gid=1617351726.1641788798&_u=aCDAgEIrUAAAAE~&z=2012852106

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 10 Jan 2022 04:26:38 GMT
content-type: text/plain
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
16ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=520779674&t=pageview&cu=TWD&_s=1&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&dp=%2Fproduct%2Fproduct%26product_id%3D182&ul=en-us&de=UTF-8&dt=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEIrUAAAAE~&jid=311288333&gjid=1199172740&cid=1925182564.1641788796&tid=UA-484577-12&_gid=1617351726.1641788798&pa=detail&pr1id=182&pr1nm=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%A6%AE%E7%9B%92&pr1ca=%E5%84%AA%E6%83%A0%E6%B4%BB%E5%8B%95%2F%E3%80%90%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E3%80%91&z=1722661977

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 16:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43219
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=520779674&t=pageview&cu=TWD&_s=1&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&dp=%2Fproduct%2Fproduct%26product_id%3D182&ul=en-us&de=UTF-8&dt=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAgEIrUAAAAE~&jid=1500986058&gjid=1797353614&cid=1925182564.1641788796&tid=UA-126641399-1&_gid=1617351726.1641788798&pa=detail&pr1id=182&pr1nm=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%A6%AE%E7%9B%92&pr1ca=%E5%84%AA%E6%83%A0%E6%B4%BB%E5%8B%95%2F%E3%80%90%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E3%80%91&z=1714518692

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 16:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43219
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/456773823/ 42 B
64 B 28ms
28ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/456773823/?random=1641788797938&cv=9&fst=1641787200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&async=1&fmt=3&is_vtc=1&random=2434403450&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.se/pagead/1p-user-list/456773823/ 42 B
64 B 27ms
27ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/pagead/1p-user-list/456773823/?random=1641788797938&cv=9&fst=1641787200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa150&sendb=1&data=event%3Doptimize.callback&frm=0&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&tiba=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&async=1&fmt=3&is_vtc=1&random=2434403450&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 26ms
26ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-484577-12&cid=1925182564.1641788796&jid=311288333&_u=aCDAgEIrUAAAAE~&z=1964405494

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.se/ads/ 42 B
63 B 28ms
28ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-484577-12&cid=1925182564.1641788796&jid=311288333&_u=aCDAgEIrUAAAAE~&z=1964405494

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 28ms
27ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126641399-1&cid=1925182564.1641788796&jid=1500986058&_u=aCDAgEIrUAAAAE~&z=1645202429

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.se/ads/ 42 B
63 B 28ms
28ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-126641399-1&cid=1925182564.1641788796&jid=1500986058&_u=aCDAgEIrUAAAAE~&z=1645202429

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ___3-max-w-1024.jpg
image-cdn-flare.qdm.cloud/q58f7434b783e1/image/cache/data/ 254 KB
255 KB 1586ms
1586ms Image
image/jpeg 2606:4700:10::6816:817
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-cdn-flare.qdm.cloud/q58f7434b783e1/image/cache/data/___3-max-w-1024.jpg

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:817 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6f2aeecc8b6dab976f830167c1849d1f3795509bb93a7031f6424152ce3ddae

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:39 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 260199
x-xss-protection: 1; mode=block
x-ua-compatible: IE=Edge
referrer-policy: strict-origin-when-cross-origin
last-modified: Sat, 08 Jan 2022 12:39:07 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "61d985eb-3f867"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=63072000; includeSubDomains; preload;
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6cb325f57b974db8-FRA
expires: Thu, 08 Jan 2032 04:26:39 GMT

GET
H/1.1 200
OK tag.gif
tr.line.me/ 43 B
425 B 1147ms
267ms Image
image/gif 147.92.191.92
LINE LINE Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.line.me/tag.gif?b_id=e97dc09f-ec14-4194-8223-dcd5db109ef7&b_u=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&b_d=tw.beautyplayer.ca&b_p=%2Fproduct%2Fproduct%26product_id%3D182&b_q=%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&b_t=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&c_t=lap&t_id=e9c9bdac-04c8-4b10-87a6-1e23ec46eb4d&s_id=ca39475e-f3852ff7&x4=1&e=pv&v=3.0.0&_t=1641788798337
Requested by: Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 147.92.191.92 , Japan, ASN38631 (LINE LINE Corporation, JP),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 10 Jan 2022 04:26:39 GMT
Cache-Control: private, no-store, no-cache, must-revalidate
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H3 200 / Show response
www.facebook.com/tr/ Frame BED5 0
15 B 17ms
17ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: tw.beautyplayer.ca
URL: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://tw.beautyplayer.ca
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

content-type: text/plain
access-control-allow-origin: https://tw.beautyplayer.ca
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
date: Mon, 10 Jan 2022 04:26:38 GMT

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame AB41 3 KB
3 KB 88ms
18ms Document
text/html 2600:9000:20eb:6200:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm?rtid=8282001
Requested by: Host: cdn.doublemax.net
URL: https://cdn.doublemax.net/js/rtid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:6200:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ef36c54a8970de684a3fda047b98b9835013bc6dc732889a59dfb0b789c91083

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

content-type: text/html
content-length: 2834
last-modified: Thu, 16 Dec 2021 03:21:40 GMT
x-amz-version-id: hFP2Dbhg2mZwleAbJg_nl5dFPosFCjn7
accept-ranges: bytes
server: AmazonS3
date: Mon, 10 Jan 2022 04:26:19 GMT
etag: "1e75e05f4e8821318bbfd65d4196b78c"
x-cache: Hit from cloudfront
via: 1.1 cb33a7a4640adbb55df3e0d143601558.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: Zf249oVI7RTu1IechpS2fiTVHx9iw7I1RApiLZN7rLNkh3FCVhrpXQ==
age: 65

GET
H2 200 el_fingerprint.min.js Show response
cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/ 28 KB
11 KB 63ms
27ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/el_fingerprint.min.js

Requested by

Host: dmp.eland-tech.com
URL: https://dmp.eland-tech.com/dmpreceiver/el_load.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4c5502291d57f8a08e7182b90bf5def94bc9604102eb49e4c12fea526c931c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6593902
x-jsd-version: 3.6
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19145-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"71f7-WjsbghBBOz00odMfSN6gW8g+s5g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cb325f78a434e0d-FRA

GET
H2 200 el_util.min.js Show response
cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/ 13 KB
4 KB 61ms
24ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/el_util.min.js

Requested by

Host: dmp.eland-tech.com
URL: https://dmp.eland-tech.com/dmpreceiver/el_load.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8b1b66b37325fc99d5b0b612b82310d71029c417a8d4ff710f9a3ff7f87773f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 6318393
x-jsd-version: 3.6
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19180-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"34de-5aauoK+FZCt1sMM5UQuTtt7Lzys"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cb325f79a464e0d-FRA

POST
H2 204 collect Show response
g.clarity.ms/ 0
48 B 131ms
131ms XHR
text/plain 52.182.214.99
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://g.clarity.ms/collect
Requested by: Host: g.clarity.ms
URL: https://g.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.182.214.99 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: https://tw.beautyplayer.ca
date: Mon, 10 Jan 2022 04:26:38 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:7f62cbe7-9d8b-4a41-a628-fbaa3aa5c695

GET
H2

200

cm
c.holmesmind.com/ Frame AB41
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
507 B

127ms
126ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm?rtid=8282001
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:39 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Mon, 10 Jan 2022 04:26:38 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK viewreceiver Show response
dmp.eland-tech.com/dmpreceiver/ Frame 0425 0
938 B 176ms
175ms Document
text/html 34.213.95.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.eland-tech.com/dmpreceiver/viewreceiver?&DMP_SR=CAP8282&target=usual&url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&refer_url=&platform=PC&os=Windows&browser=Chrome&subDomain=%E5%84%AA%E6%83%A0%E6%B4%BB%E5%8B%95&trackType=view&adSrTag=bpsms&adMediumTag=sms&adCampaignTag=cny-chic20220110&ce=1&item_name=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84&item_id=182&fp2=1645b1b280554ccefc7957712a9806f4&
Requested by: Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/el_util.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.213.95.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-213-95-5.us-west-2.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Mon, 10 Jan 2022 04:26:38 GMT
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Server: Apache-Coyote/1.1
X-Robots-Tag: noindex, nofollow, noarchive, none
Content-Length: 0
Connection: keep-alive

GET
H3 200 comments.php
www.facebook.com/v12.0/plugins/ Frame DC37 0
0 36ms
35ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/comments.php?app_id=168793843734901&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df132642ded420ec%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182&locale=en_US&numposts=5&order_by=time&sdk=joey&version=v12.0&width=

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

content-type: text/html;charset=utf-8
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 0
x-fb-debug: oUw2duy2TYguQdDSpKXldeZP1/2CVa+Vhm0pdykSv+Ll4QPMyCj39aOc2rwbZK9iErGf8JIPuVIfAVm4gshxhg==
content-length: 0
date: Mon, 10 Jan 2022 04:26:40 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/facade_gating/ 37 B
78 B 117ms
97ms XHR
application/json 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade_gating/?page_id=370587236668314&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a3bcea36b87ea1233d3bbdae85edad2e0b22e4764069059cec89832433711973

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: oLoTVsju15c/zH2Nb980/guVPRW3P+KdeOLdW3vYoTowWyGsNeLcc0DXy4uF5a8KROa/pnuDuKckwntasrYz9g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:40 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://tw.beautyplayer.ca
vary: Accept-Encoding
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=520779674&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&ul=en-us&de=UTF-8&dt=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E8%A8%AA%E5%95%8F%E6%B7%B1%E5%BA%A6&ea=%2Fproduct%2Fproduct%26product_id%3D182&el=%E7%B6%B2%E9%A0%81%E7%80%8F%E8%A6%BD%2010%25&_u=aCDAgEIrUAAAAE~&jid=&gjid=&cid=1925182564.1641788796&tid=UA-121829175-8&_gid=1617351726.1641788798&gtm=2wg150PKQGGVF&z=1239139781

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 16:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43221
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 18ms
17ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=520779674&t=event&ni=1&_s=1&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&ul=en-us&de=UTF-8&dt=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=%E8%A8%AA%E5%95%8F%E6%B7%B1%E5%BA%A6&ea=%2Fproduct%2Fproduct%26product_id%3D182&el=%E7%B6%B2%E9%A0%81%E7%80%8F%E8%A6%BD%2020%25&_u=aCDAgEIrUAAAAE~&jid=&gjid=&cid=1925182564.1641788796&tid=UA-121829175-8&_gid=1617351726.1641788798&gtm=2wg150PKQGGVF&z=1624008593

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 09 Jan 2022 16:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 43221
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
26 B 138ms
138ms XHR
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=168793843734901&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df247362e975671%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&event_name=chat_plugin_sdk_dialog_iframe_create&greeting_dialog_delay=1&greeting_dialog_display=fade&loading_time=0&locale=en_US&log_id=48126209-2aa4-463b-81ce-b14ec0bbea6e&logged_in_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&logged_out_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&page_id=370587236668314&ref=QDM&request_time=1641788800548&sdk=joey&suppress_http_code=1&theme_color=%23dd2a2e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: jLvsbCFdgRRphWJabFvM0GZJXA1pf5mRM+/9Xi4TZOZtwm0EBuk05B1ds0MmFPUsw4j+NZ+sjR5s3chFRacqxA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:40 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 customerchat.php Show response
www.facebook.com/v12.0/plugins/ Frame 5BCA 102 KB
31 KB 221ms
221ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=168793843734901&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df247362e975671%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&greeting_dialog_delay=1&greeting_dialog_display=fade&locale=en_US&log_id=48126209-2aa4-463b-81ce-b14ec0bbea6e&logged_in_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&logged_out_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&page_id=370587236668314&ref=QDM&request_time=1641788800547&sdk=joey&theme_color=%23dd2a2e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6a3a2b65718ecbaef56385d3886e7aea403b25b4dde07dd7976dabe41043a922

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://tw.beautyplayer.ca; default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: frame-ancestors https://tw.beautyplayer.ca; default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v12.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: O9wXAi1ynWPVk97lpZQmUnFcdKuvDnKZKDVTVRSGCA3l9eOYXKiHKcDj3OvyClRk2EYB23kof7MYQAIk1GVRdg==
date: Mon, 10 Jan 2022 04:26:40 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 itlowDaSUU8.css
static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/ Frame 5BCA 20 KB
5 KB 56ms
37ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yg/l/0,cross/itlowDaSUU8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=168793843734901&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df247362e975671%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&greeting_dialog_delay=1&greeting_dialog_display=fade&locale=en_US&log_id=48126209-2aa4-463b-81ce-b14ec0bbea6e&logged_in_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&logged_out_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&page_id=370587236668314&ref=QDM&request_time=1641788800547&sdk=joey&theme_color=%23dd2a2e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4a1cbf1feb69e4d01568c109411b910de160679a430a8499b9ae981eecaa2b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: wckN6NDF7i6aOePcXz7dDg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 4988
x-fb-rlafr: 0
x-fb-debug: vsgWktn0iQ/8lbMFylivKIBWgH8KyR9VHcc6Ae78b8GjpSw0NkzWUXx1jaRSJd3ofd24AzjbWjHq02qVUI14tQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 Jan 2023 16:57:22 GMT

GET
H3 200 FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame 5BCA 2 KB
869 B 57ms
37ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: qki4Wy05mlz5CwH9oqDKag==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 815
x-fb-rlafr: 0
x-fb-debug: 3QD9Z0oPLKK0qzL5/iy02NR8ZbEYcxKFjbnqrSuq/dgZgQn0FO5YYXfCvfA+mDtYex6d26NRLoGDjo3OBNYhjg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 00:03:33 GMT

GET
H3 200 yGH_rZQkNRw.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yN/r/ Frame 5BCA 307 KB
83 KB 55ms
36ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

41b646a874e4cc09d73c01cf2a4698fbd6285896e649662e4973ea6db703d05d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xEaDuUVh0vfXFxx41ZNPDQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 84561
x-fb-rlafr: 0
x-fb-debug: CarjQuWLNbWd0UNz2YpQAeYPqT3QCD6XvCHEugjVovWtty+YedmV4MWxhWVpfo41dr2qXNXOQ4PAQUHt2oSztA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 18:58:04 GMT

GET
H3 200 GG1Y0sYc7My.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 5BCA 5 KB
2 KB 56ms
37ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kw22OIA6eDgOltzbJdNVmQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1640
x-fb-rlafr: 0
x-fb-debug: LoeOzjoRlECHF9yVjXOEatzfuRK2G9yEBGTjSCUoqiNlfjTC00FqLCODngoqdHuoerKBgItl1XL0zIzOugwgbQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 18:24:47 GMT

GET
H3 200 T8BJ7ETas0v.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame 5BCA 41 KB
13 KB 37ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/T8BJ7ETas0v.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec967a9c7ef9f9b3498c4894319802b33f23d9aa08858d0db95a682f637cf305

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: VOcZ8I8uJKc3nOE1gwDd/g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 13499
x-fb-rlafr: 0
x-fb-debug: GPGqmKwmNXPV4hWpEGvmDJ3efvFWNhkQCxd4IryT0RgVCsZ/bsd/p1FkhayeXvwrBwV6LFRXCy/Gqc4hQP/vjA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 18:27:07 GMT

GET
H3 200 xyCIQCGmYe4.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame 5BCA 46 KB
15 KB 37ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/xyCIQCGmYe4.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

be307850d97a4cc3185166175515facde15350e4e7ab094000c8fd02edc3656d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sR6bQ1Us80pnn5qvyfl2lg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 14881
x-fb-rlafr: 0
x-fb-debug: ksblLdcpfkgb+QovKFMfOoZ6E0kiV0moGYVu/IwsT+uE2u4DluZEhi9UOiFvDl+LLqUYSWcCH29qGdx9HEwfdw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 00:02:17 GMT

GET
H3 200 NJlWx6fwL53.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 5BCA 22 KB
8 KB 54ms
35ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/NJlWx6fwL53.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

276a77095cdc65e26ce50775980db2dba953c141c20fd0f01f69b79e29e70f62

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 9/GL4pQAG9CuIn9u0zWL5Q==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 7699
x-fb-rlafr: 0
x-fb-debug: x6sW9O+LlG7m/COEXwtnSeQd63CRjL6HkxrZKnErsr8MZ55SK17fQs+1C61IcriQlh6L8r31MEAnAUYLFRMqtQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 21:18:27 GMT

GET
H3 200 i-yKy1bp4DP.js Show response
static.xx.fbcdn.net/rsrc.php/v3iwIi4/yJ/l/en_US/ Frame 5BCA 849 KB
134 KB 54ms
36ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iwIi4/yJ/l/en_US/i-yKy1bp4DP.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46bb6cb2b0d590cb89c1e8726deb7507dfd4a1b26e391b7bbf7d40562a4594ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: agljwB+gX243ZmtVPzLidQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 137058
x-fb-rlafr: 0
x-fb-debug: LH1TyZ7UvxDbBrAA0+fDedKPVQN/dBi8dJby3uqtJaT/9twZ3JZiUC+RmpxyPDbsUWtfisPvU4TWAIWkSIzZUA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Jan 2023 07:43:26 GMT

GET
H3 200 x9ZrO_yAkJs.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/ Frame 5BCA 82 KB
22 KB 18ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4c0752b37b4f74e2e83dd5c1a8dda11d5f3a0534d857ea7a50a7e87530270d21

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: s06YHKP82cEFC6ripSzfLA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 22909
x-fb-rlafr: 0
x-fb-debug: fZPqNI8WSD09IxBArPtcABEi9UqJJXm69PfNUgbJsd2WrsKzD46Xv5eHkBEEMiPBPiUykKHYc8rhS1z7F+olAQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 19:15:13 GMT

GET
H3 200 InDHUbH2zHG.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame 5BCA 21 KB
7 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/InDHUbH2zHG.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d0120afbe63c38539eed856bbef4d49a92c45f78262bb705640d383bcbc0bfe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XJ6KN7mUBdSuqxW9u/0TXQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 6967
x-fb-rlafr: 0
x-fb-debug: Q/FXqASF1opAoVpAidrFUysUZM7fxDdvRpa7IcB4HSryRGEsOnrV6Y9igqostKmiBT0vWfgegc2q17LvFdaYMQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:19:38 GMT

GET
H3 200 CWJINsGKrOS.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y3/r/ Frame 5BCA 18 KB
6 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y3/r/CWJINsGKrOS.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e31058534b68e728b3cfe4d4f122333f19479a72ce4ac79b596ba346376f16c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4rHnUh0ztUMBselfW2HUmA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 5946
x-fb-rlafr: 0
x-fb-debug: pTOr2y55YbeZNjsVHCw/s/nRIMJi1UWf8t9PoaGvhN51tjmo+PLw03mKfe6vFoT9ACo+LeHMy3HzN5rjjh735Q==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 01 Jan 2023 02:33:38 GMT

GET
H3 200 cN-N4Eu_deZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 5BCA 7 KB
2 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: XkHzn1WHKMxOAJmWI3FJ7A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 2277
x-fb-rlafr: 0
x-fb-debug: WqrAbDr+MYKt1MA5rtpuEsVQ9RYZEhxCnjDn2UdLbjNAtQBN39NQZACoJQ2MqbK37HkWc/uM/1Imn6dYuF6tHA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 00:01:38 GMT

GET
H3 200 ah6R-G74KaH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 5BCA 26 KB
8 KB 21ms
20ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/ah6R-G74KaH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4881ea8a07a6d2647da213af975cc9172c8a7dcb09609c823cfe5aa059b75161

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: CF89rExLxYu4/Z5Kg+cXRQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 8427
x-fb-rlafr: 0
x-fb-debug: GZ/+z+podkLsonjV0GCm3BuLp9WRRyq548FKcl+aW92hmrcSGfVrnlj1h/9byWD1GMFWLbOL9Rk4ofaFJ0mOVw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 00:02:17 GMT

GET
H3 200 ul5EbyAQlhC.js Show response
static.xx.fbcdn.net/rsrc.php/v3igzm4/yC/l/en_US/ Frame 5BCA 212 KB
52 KB 23ms
22ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3igzm4/yC/l/en_US/ul5EbyAQlhC.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a2cd920049bd261db60804174bc8cdd8707fc181f9e3dbf214c7c1e26d5479ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6wHIpI5iHJ3H0saqLkjSQQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 53432
x-fb-rlafr: 0
x-fb-debug: /Z9NIv5nywaScEmDGC07+sZUFwhl4IG7nmubtvitHYktKI1SK9WF5YfUKd3ahh5uCuaKunTy5cA3R3WFckMysQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 01:15:18 GMT

GET
H3 200 zvGKQS-V-77.js Show response
static.xx.fbcdn.net/rsrc.php/v3iLl54/yu/l/en_US/ Frame 5BCA 179 KB
52 KB 24ms
22ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yu/l/en_US/zvGKQS-V-77.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d552d3145e87e9feacd04d7ef25b603afb9d592b9875cd3d6af46ce95e744ccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 1SLS4Gtgp9l2qaCerPML5w==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 53118
x-fb-rlafr: 0
x-fb-debug: iubqOmY3Lj525AdcyDj3WKLCmTLnqbHW+dFQMfeFnTMCx3Tjh6AcOcSeqpcQFt/VsOqlD+Rp6Sjjszz1QpCesw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:19:38 GMT

GET
H3 200 1vHeb4aQWQj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yQ/r/ Frame 5BCA 54 KB
14 KB 25ms
23ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yQ/r/1vHeb4aQWQj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fbc61bb9c418ee40501a09e2f195f48264cafaedfdcf43f2011b673f3d1d6f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: TGKyG8E6BRabAkPcMmSorQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 14231
x-fb-rlafr: 0
x-fb-debug: ELl4XV5ssgccccVSLXU4mTwDvB/yBknLXAdC6T1MEooBbYlVvSJ/hvfBJ3EmqjcDypY7SGU908q3Jeu+9IhcHA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 20:36:57 GMT

GET
H3 200 qKxWJF7dHWt.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yU/r/ Frame 5BCA 199 KB
45 KB 26ms
24ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yU/r/qKxWJF7dHWt.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

feca2dbb970226e8a8f21da8f25a1abef3f3f061f7834b74e829f3fee055d954

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Y90f3i+GRszybKrFz3STRg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 46048
x-fb-rlafr: 0
x-fb-debug: M7dnFeFds2tIqiXyyi+0JtjMpp1VkjaXkWPXtwTrdYBdbjlJZWFWoObVpStVCNQ+zp4QbBctrIZyrTYv+iO2Tw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 23:15:51 GMT

GET
H3 200 w1CjoLuxjKg.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 5BCA 2 KB
1 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/w1CjoLuxjKg.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

44062c88180765ead8496d96152b06cf67d7f9f0f722cf68a6a25cb4a3bb6c5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: UJfMMtQ9Bg2tSIShB+KOng==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1058
x-fb-rlafr: 0
x-fb-debug: f33+ra6kSt0R1CkHd9At1on6CV5O+0eXsOW69/GMg6KgrpGt+l9HGgfkPZeHGP5JM4JkCe/PMLyHT4maFpEUQg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 00:02:17 GMT

GET
H3 200 smIvwycR9Rs.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame 5BCA 69 KB
18 KB 27ms
26ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/smIvwycR9Rs.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cee3dba74877e0e190c6c5db376408a19db4567aaef469d3759580ff04bc7a67

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x++ogkaWdHkfguUfmRT7WA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 18844
x-fb-rlafr: 0
x-fb-debug: BbXjJVuJ3w/o/ZvGDiY/j/EvWKj7ud1WTWZWzVvpLI3RxZY6Qccvjx07CTbVx6ee4MXSyKM3A0yFSAng7jxPOw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 Jan 2023 16:57:22 GMT

GET
H3 200 -w48qAFeXq2.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yZ/r/ Frame 5BCA 7 KB
3 KB 28ms
26ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yZ/r/-w48qAFeXq2.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5e19be927b1d8c16659aa51e1f8c632caa4dc20faf474480833270e3aa622217

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dvOu1zaOMVC4mSFkCEUAeQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 2560
x-fb-rlafr: 0
x-fb-debug: bG8HHXY/RFOS3PIlYml08q1cesLvHZmxR1833d8Ip6e79B9FxTt82eVAT59b6hBD7gJtQeiN3lii55y8TaObpA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:19:38 GMT

GET
H3 200 fKbwGAswQeH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yb/r/ Frame 5BCA 3 KB
896 B 28ms
26ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/r/fKbwGAswQeH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85f77520a75fec02d6b95a1af23a8b4e7807f8b84f794b414213770c34fc7c44

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 4gCatEWxtf7E7SgLRw+sJg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 836
x-fb-rlafr: 0
x-fb-debug: Cf8cW4mrH01efJjHiUQBzTx9VuSJxjZsgLDZN01m4NbqnLabb5u3i1/gkueSM2FoJv9rU+wPJZDNEelZOk9FEw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Thu, 05 Jan 2023 02:19:38 GMT

GET
H3 200 ETD5CBuiaIE.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 5BCA 115 KB
30 KB 28ms
26ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/ETD5CBuiaIE.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

99d6c57093bed832ad2cf849724d3d3435896b547c8ddda15ec8025c2b7bd7fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DL1ZjqUYrx85q2M+R+kiCw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 30742
x-fb-rlafr: 0
x-fb-debug: SbLkncM2qo/51GccTxxL8mZtsrV1PbmrFEjUSr4nwUw4Bl5VW9V51ubrpjIuZ2hiIXZjob81E8S6D/bgiejyTA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 17:59:24 GMT

GET
H3 200 adkjEBzu5_0.js Show response
static.xx.fbcdn.net/rsrc.php/v3iEBX4/yx/l/en_US/ Frame 5BCA 56 KB
16 KB 28ms
26ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iEBX4/yx/l/en_US/adkjEBzu5_0.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6383fbd9c9377155aec82349de48bb6c9e09066c3ccb361a9a7a403001e47614

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: n5bMU0fWuXK16juUMTSdYg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 16507
x-fb-rlafr: 0
x-fb-debug: KIRC7r4UoREd7JnS+70KZsOWdAl5nH+hwaoqOnpw6vaUCXQZyJmxpqaZVXbxSvrT2Nm3TKSTafV04Lj6fjKE6w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 19:40:52 GMT

GET
H3 200 fjh6FO76g0N.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame 5BCA 6 KB
2 KB 29ms
26ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/fjh6FO76g0N.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b50f37ac7dc04a7b751bbeb03d674be5e834bbfe0da0b9d0368a611bcd71b0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: kLIHGHt7OnpipI1qnUOWsg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1477
x-fb-rlafr: 0
x-fb-debug: kag0q+lhwbwBhMK/MkhkWfTnaP2wGjLDnNzYO7Z6oCQX+qC38HkdieVjOgxEMve/j9GPnnWFNjEDilmrUQO88w==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Jan 2023 17:22:02 GMT

GET
H3 200 EU2fqcRv6EZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yV/r/ Frame 5BCA 347 KB
74 KB 29ms
27ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yV/r/EU2fqcRv6EZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

419b12628c9be092d5dbdfca38aa68e950c09a90ddf63012414ac92cae48f0f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: sGki3ma5MF7Qw6f9UHpDbg==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 75508
x-fb-rlafr: 0
x-fb-debug: OTT79mC3T5y3CFN82fbTrpdN9xsbh+BBJfMk601WSgvdgBZ4rti6WnO4f3UYItNL7oMdGP3LQfI5VFCSQIi0yA==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 Jan 2023 16:57:22 GMT

GET
H3 200 VRzSVH5iU-V.js Show response
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame 5BCA 8 KB
2 KB 29ms
27ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/VRzSVH5iU-V.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

af3903db50a67f20683404e58394179910de4cf09b4afb28daa5cfaf6d48769c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: xP9c/D1lFTvbdouj8XbBew==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 2065
x-fb-rlafr: 0
x-fb-debug: 7hY3Vi74VsMnkQ0DupFPrdp7Vvxs3sP1T0BEHAJXgG1dywYxn9q6cLijTncCI5lal0VR8BK84+kcHH+uGjMxcQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 00:02:05 GMT

GET
H3 200 uDygrKncdso.js Show response
static.xx.fbcdn.net/rsrc.php/v3iYb-4/ym/l/en_US/ Frame 5BCA 86 KB
17 KB 30ms
27ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iYb-4/ym/l/en_US/uDygrKncdso.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c284a15d4a8436193e2dace3e0408e40f1eb880c3017bbc99553c4cebeee6979

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: x9ibQk6ZFtK7QZCZSQRCZQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 16956
x-fb-rlafr: 0
x-fb-debug: XgR/n88JI4b25bJIfu9STBpzf6uyWOkWG8PGkoWifIUlMu23xPNm5vFMA54MZdMgGbCv3Dwl4sAeSyrqOpnCKg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Jan 2023 07:54:21 GMT

GET
H3 200 WdmXDXsQAnl.js Show response
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame 5BCA 7 KB
3 KB 29ms
27ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/WdmXDXsQAnl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9a960626aac5824774a307af4ca5735045ea3df5d0ff77a6bff753c24cc03ef7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: O+vDqPd+B/1513OOTJmdHA==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 2530
x-fb-rlafr: 0
x-fb-debug: 31/2xHULMpzPkpyAUPcr+03/OiwOzMsu5+kQp3qFRpCWXoUM45porI8qm7IkaVQlsJAqh4YRukAZiclbN5d7Pg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 17:01:57 GMT

GET
H3 200 _-bes_NC9gz.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 5BCA 51 KB
13 KB 30ms
27ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/_-bes_NC9gz.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6fda496239f7844a90beab8da7c5dd1e43ae3cc1aaca6c2792990f920a1dc59e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: rPeWRchTLjxf6ethUI47gQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 12856
x-fb-rlafr: 0
x-fb-debug: djvMy6RFJLdTZL02+Q7X3WvLztLAX0FFQbTQ7LkDbn/VUKRbezKxcArfCnTUOkR1w13in38nONVXzNwlDtNyFw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 27 Dec 2022 07:54:29 GMT

GET
H3 200 NEJZAX-rsIW.js Show response
static.xx.fbcdn.net/rsrc.php/v3iFIo4/yK/l/en_US/ Frame 5BCA 288 KB
72 KB 30ms
28ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iFIo4/yK/l/en_US/NEJZAX-rsIW.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ee185038d2a12324a2ae730f3882d156678075a76e4f69200477fc238a42c3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: D9BvacJA7kr+tePnV3f4WQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 73953
x-fb-rlafr: 0
x-fb-debug: 0wdJlBHpF32Zq2LT//zUcWoNGshnPiN4OEeUWhsG5LxBdsOyayva1sOJ6lEnvYv5oRUFY4PBcfa9lwPhrVFUvQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 17:09:56 GMT

GET
H3 200 awk3vkw0TWm.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yO/r/ Frame 5BCA 31 KB
10 KB 30ms
28ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yO/r/awk3vkw0TWm.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a4356a08ee73877e8545f12636010deb618281698520957fcf5bc610ead611d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: dWCGY9J9CQYI45hsdPMY1A==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 10060
x-fb-rlafr: 0
x-fb-debug: yGd9izSXMpl/0YD3dlxUgbrvhRBHP1pxz40HFaJc3RK3m+EXxGJCTROFODRqtOJRsFCJly/CSwLIz6kOBVYDqQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 17:33:08 GMT

GET
H3 200 Xc-buPNEADH.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 5BCA 7 KB
2 KB 31ms
28ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/Xc-buPNEADH.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

df0bed942f45f0500f3169a6a007f51ece4894ee645ee5aec24e0293a5bc75a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: Dwq94l52g6uBsJG8hnC/cQ==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 2339
x-fb-rlafr: 0
x-fb-debug: KsehR/IH7yC/32SGYzEU7V9KomBnwBKSOV3xoGVyKqchBUIKoemuWtMJoKxJE4tdJULbQ9TkCCQBFkpyEIu9xw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 20:06:28 GMT

GET
H3 200 uwzVSCQFIc8.css
static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/ Frame 5BCA 413 KB
113 KB 31ms
29ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/ys/l/0,cross/uwzVSCQFIc8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

07c0834caf5b03b1aaaac65504d1e744d27d5ed77c67b134b28bf391f517b7f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ifvoN98lOuvOBmYORC99iw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 115852
x-fb-rlafr: 0
x-fb-debug: qNEf4msX/QjgtgH41kKAIwo27aJZ0rOi1Ug4PIy76hkcccxezuQHw8OzwHzdfSxnOEMvsJcqyp+VSdbrnoKBpg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 20:57:10 GMT

GET
H3 200 HROPO5QoEin.css
static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ Frame 5BCA 4 KB
1012 B 31ms
29ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/HROPO5QoEin.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ba2b27c8412419065a260018cd8c47e4053e76674b3b0a55c6d945b18a0509e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: i1htgyAA/p4JWiUzB+reQw==
document-policy: force-load-at-top
content-security-policy-report-only: default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 946
x-fb-rlafr: 0
x-fb-debug: VcSDJ/i/40RFTFPYwr3Dpy8a/2JDYsiPKRzWEzKcQDMSwXvJxulnyXnBEq0+m/sPAcNcDitWWYcuCn7/E81hag==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 Jan 2023 17:22:02 GMT

GET
H3 200 r_YBvfVlqpy.css
static.xx.fbcdn.net/rsrc.php/v3/yh/l/0,cross/ Frame 5BCA 33 KB
7 KB 31ms
29ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yh/l/0,cross/r_YBvfVlqpy.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

25ef1ba0c2f30c8c7c02906bb28e928db4352ec48ee9186848a4826b4ca125b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 10XAJyu1dYZumccqZWOv4g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 6719
x-fb-rlafr: 0
x-fb-debug: HSZHVSC7w1L9BTC8y/usS/A9FbdcEKIbF0FulZuaR057YTrgBf5006VJTN8BocrzLORaT6T/paV6SdVAfFsivg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 06 Jan 2023 02:43:40 GMT

GET
H3 200 aFWE_6-elLh.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/ Frame 5BCA 19 KB
4 KB 31ms
30ms Stylesheet
text/css 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/0,cross/aFWE_6-elLh.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yN/r/yGH_rZQkNRw.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d58d86cb259067bc2bb8c7727373bd40456bbbfd17de8bd9bc84d55e7b79bf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:40 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: zEE+8Bt9WHj9AvB8eYRm8g==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 3953
x-fb-rlafr: 0
x-fb-debug: UZp7jkyuHMmINd0Ea5bPILjhNyiEKd8rfJiWZgm+L4zk7SMuFA2aQmoRhkVdWlkHF1E9G+ip19pB6hLLRYSbFw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 09 Jan 2023 16:58:44 GMT

GET
H3 200 bubble Show response
www.facebook.com/v12.0/plugins/customer_chat/ Frame A515 22 KB
9 KB 57ms
57ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

88478594efd6b56eb88149ed4749cabcf4e4aac23db2a98623edc40acb9ebb47

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v12.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: D7t2SNiv3fHyG77aLh7Pqc+boM+aOQ5ZAGdNvRXE/L7UchW55TMm8OFi4c9UOrrlCbi/SzTpvDl4y1yl2FnhCA==
date: Mon, 10 Jan 2022 04:26:41 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET bubble
www.facebook.com/v12.0/plugins/customer_chat/ Frame 533D 0
0

GET
H3 200 bubble Show response
www.facebook.com/v12.0/plugins/customer_chat/ Frame DE99 22 KB
9 KB 53ms
53ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/v12.0/plugins/customer_chat/bubble

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46df9d176eecd29eed2ce18055ff35674a612f444a460792d4ba4c5278f7a867

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://tw.beautyplayer.ca/

Response headers

vary: Accept-Encoding
content-encoding: br
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: same-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version: v12.0
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: qjGIJYBY3GEhwfk8Hky3RoTJhNOIJ3itz4nNSzFUOcqsSs7wHo75p3XVs6A2wr7ZE38aVYZ6Y2e6keJ2AfpS2A==
date: Mon, 10 Jan 2022 04:26:41 GMT
priority: u=3,i
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
26 B 44ms
43ms XHR
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=168793843734901&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df247362e975671%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&event_name=chat_plugin_sdk_dialog_iframe_load&greeting_dialog_delay=1&greeting_dialog_display=fade&loading_time=496&locale=en_US&log_id=48126209-2aa4-463b-81ce-b14ec0bbea6e&logged_in_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&logged_out_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&page_id=370587236668314&ref=QDM&request_time=1641788801044&sdk=joey&suppress_http_code=1&theme_color=%23dd2a2e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 4ZSoZ/E8RX0apmP51eegmkNuDy21IQVRTWNNNOkN5fzlllvHCjTL3zMicbXmtcj4l8ra789VnA1LBVvCGnkSzw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:41 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 yeDV_yBDjcV.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y_/l/de_DE/ Frame A515 519 KB
135 KB 39ms
19ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y_/l/de_DE/yeDV_yBDjcV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/customer_chat/bubble

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0afb40ef6f76e2d99c2366cfb38054f69e01704ee3ed6ec36003c1a3e24edb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vnWCu9reL/B0FLvq8jAn9Q==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 138640
x-fb-rlafr: 0
x-fb-debug: ZjIzOskiYyDo7hGNea0VejCJlY4+Nftj+ZkpAJ4v1KMWhZ09n5ZGU3KY3V9wGg5pkt4tbyKABWbPLemgZY4EWw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 19:30:37 GMT

GET
H3 200 yeDV_yBDjcV.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y_/l/de_DE/ Frame DE99 519 KB
135 KB 37ms
18ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y_/l/de_DE/yeDV_yBDjcV.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/customer_chat/bubble

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0afb40ef6f76e2d99c2366cfb38054f69e01704ee3ed6ec36003c1a3e24edb02

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 10 Jan 2022 04:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: vnWCu9reL/B0FLvq8jAn9Q==
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 138640
x-fb-rlafr: 0
x-fb-debug: ZjIzOskiYyDo7hGNea0VejCJlY4+Nftj+ZkpAJ4v1KMWhZ09n5ZGU3KY3V9wGg5pkt4tbyKABWbPLemgZY4EWw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sat, 07 Jan 2023 19:30:37 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame DE99 67 B
101 B 39ms
38ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1641788801107&t_start=1641788801107&t_domcontent=1641788801109&t_layout=1641788801231&t_onload=1641788801231&t_paint=1641788801231&t_creport=1641788801231&t_tti=1641788801109&lid=7051429208609797949-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: FJbJs075ZSUeRGE9EpzKmRr7gjtD5cGkREOJRS4AUs5kNn+wmlhP8pFEU3PhvGMsuZ6iNR0UR+qaRgLxPKuV0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:41 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 cavalry_endpoint.php
www.facebook.com/common/ Frame A515 67 B
101 B 38ms
37ms Image
image/png 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1641788801105&t_start=1641788801105&t_domcontent=1641788801108&t_layout=1641788801238&t_onload=1641788801238&t_paint=1641788801238&t_creport=1641788801238&t_tti=1641788801108&lid=7051429208306041730-0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/v12.0/plugins/customer_chat/bubble
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 02AXYEZ6c+qpWjIgF6/NOdLmqMTC+gJto6Hr/JE/jELu4GBJaW9hHSCyZdkx37OlXiJtLEf13+IFoA6orIcmrQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:41 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
26 B 40ms
39ms XHR
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=168793843734901&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df247362e975671%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&event_name=chat_plugin_sdk_icon_iframe_load&greeting_dialog_delay=1&greeting_dialog_display=fade&loading_time=195&locale=en_US&log_id=48126209-2aa4-463b-81ce-b14ec0bbea6e&logged_in_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&logged_out_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&page_id=370587236668314&ref=QDM&request_time=1641788801239&sdk=joey&suppress_http_code=1&theme_color=%23dd2a2e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=4cd5661ca42afd439acbf1b48fb3574e

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: jMiT5zhJP2iktMMxz8zv80sm5EJlDxZBJze1oEOS0xkheQ42tuLuYM2F4cYsSILrRqlzKl22IPuSCvarn+g2VQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:41 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: private, no-cache, no-store, must-revalidate
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 200 / Show response
www.facebook.com/plugins/chat/tab_impression_logging/ Frame 5BCA 113 B
132 B 38ms
38ms XHR
application/x-javascript 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/chat/tab_impression_logging/?page_id=370587236668314&request_id=e692d6bf-284f-4fc9-8600-e5c5bb5a029a&plugin_interface=desktop&user_is_logged_in=false&tab_name=plugin_icon&loading_time=4&client_loading_time=696&debug_data=%7B%22fromTime%22%3A1641788801239%2C%22now%22%3A1641788801243%2C%22loadingTime%22%3A4%2C%22clientLoadingTime%22%3A696%2C%22hasStorageAccess%22%3Atrue%2C%22screenSize%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%2C%22size%22%3A%221600x1200%22%7D%7D&event_timestamp=1641788801244&log_id=48126209-2aa4-463b-81ce-b14ec0bbea6e&server_loading_time=656

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3iEpO4/y0/l/en_US/x9ZrO_yAkJs.js?_nc_x=Ij3Wp8lg5Kz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

28a7266304514e58bc6509836178c0426ab43dedf2700af77ced04808113f4f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

X-FB-LSD: fxsStzvBTslwUlCw0EhhBn
Referer: https://www.facebook.com/v12.0/plugins/customerchat.php?app_id=168793843734901&attribution=setup_tool&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df247362e975671%26domain%3Dtw.beautyplayer.ca%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftw.beautyplayer.ca%252Ff2cafb55b2479ac%26relation%3Dparent.parent&container_width=0&current_url=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&greeting_dialog_delay=1&greeting_dialog_display=fade&locale=en_US&log_id=48126209-2aa4-463b-81ce-b14ec0bbea6e&logged_in_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&logged_out_greeting=%E6%AD%A1%E8%BF%8E%E5%85%89%E8%87%A8BeautyPlayer%EF%BC%8C%E9%BB%9E%E6%AD%A4%E6%AA%A2%E6%B8%AC%E8%86%9A%E8%B3%AA%E9%82%84%E5%8F%AF%E4%BB%A5%E9%A0%98%E6%8A%98%E6%89%A3%E9%87%91%E5%93%A6%EF%BC%81&page_id=370587236668314&ref=QDM&request_time=1641788800547&sdk=joey&theme_color=%23dd2a2e
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: mz3uBvOOe3dAks6X2Hvd1a/HwhBedw585QOPTVv5/ljgc4tefQsfswm6Klds/+BVCajDe8m/woc/CLipRZBaBA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 10 Jan 2022 04:26:41 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3 204 collect
analytics.google.com/g/ 0
17 B 48ms
24ms Ping
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-TE53XM4LCT&gtm=2oe150&_p=520779674&sr=1600x1200&ul=en-us&cid=1925182564.1641788796&dl=https%3A%2F%2Ftw.beautyplayer.ca%2Fproduct%2Fproduct%26product_id%3D182%3Futm_source%3Dbpsms%26utm_medium%3Dsms%26utm_campaign%3Dcny-chic20220110&dt=%E4%BA%AB%E5%8F%97%E4%B8%8D%E5%AF%82%E5%AF%9E%E8%81%AF%E5%90%8D%E7%B5%84%20%7C%20Beauty%20Player%E6%84%9B%E7%BE%8E%E7%8E%A9%E5%AE%B6&sid=1641788796&sct=1&seg=0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TE53XM4LCT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://tw.beautyplayer.ca/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 10 Jan 2022 04:26:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://tw.beautyplayer.ca
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 46514507_660705874323114_5709548043754274816_n.png
scontent.xx.fbcdn.net/v/t1.6435-1/cp0/p80x80/ Frame 5BCA 4 KB
4 KB 78ms
33ms Image
image/png 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://scontent.xx.fbcdn.net/v/t1.6435-1/cp0/p80x80/46514507_660705874323114_5709548043754274816_n.png?_nc_cat=108&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=M5KpKnZUujUAX9O4M5b&_nc_ht=scontent.xx&edm=AJo6ZFEEAAAA&oh=00_AT9WtvfF8htfdnk7sUS1k6kI3IkmflZnpunqEWljsMy-Ag&oe=62023B5A
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e848186385fa528822b0caabd69076146f2a362c4ffc3d9bc9d646fe99f06e59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-haystack-needlechecksum: 294620891
date: Mon, 10 Jan 2022 04:26:42 GMT
x-fb-trip-id: 917726464
last-modified: Mon, 26 Nov 2018 11:04:11 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-fb-edge-debug: EohobCTy6mYFhDd2wgxgRCkHlO9E56dTSG_moQuBncsMFXhUQEX_h6qlBQScrQE6Ioq6y89n8cyCuYEtkaK1AAQieQi6q9vZA-ofhu_d_3M
cross-origin-resource-policy: cross-origin
x-needle-checksum: 875690604
timing-allow-origin: *
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 4163

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/v12.0/plugins/customer_chat/bubble

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dmp.eland-tech.com/dmpreceiver/	1969-12-31 23:59:59	Name: JSESSIONID Value: C742F56780AEA34FBDFB59EFDE84BE44
lihi1.com/	1970-01-21 19:51:08	Name: redirect_id Value: eyJpdiI6ImdmTWI4eTlTTUFKdmRCY3YxZDZDaGc9PSIsInZhbHVlIjoiMytFRWUxS0pVVDZuY082SHdJM3BleWh3RlFSQndwOXpSUk1LNWQ1Sk1hb2N0T1kzeEpBbWhsTHFFUTNJaG5zcyIsIm1hYyI6IjA5Y2UwYWVhYTc4YWY5NjIwZDI1MzQ4NWQ1Y2UyZTlhMDUyZmI1NmI3ODkyOWU2ZTU0NjA5MTBhZDA2Y2EwYzgifQ%3D%3D
lihi1.com/	1970-01-20 00:03:08	Name: lihi_session Value: eyJpdiI6IlhxbGNmb1lPZm1KUGlTQXVjb0FzRkE9PSIsInZhbHVlIjoicVg4dlJEdkc1VU8rVkYrbDl3Z1lERTMyRkRpNGxcLzRrYzluQ2ZcL1wvUFN4XC9zM1l2aGRFcEtMVkRwQVRZSzRwdUQiLCJtYWMiOiJjYmZiYTE1MmNlY2E4MjNhOTgxZDQ5NGRmMTZjNGNkNzg3MzI0MTgzNWM0ZWRmNzU0MWZkNTcwZDMwMmMzYTdjIn0%3D
tw.beautyplayer.ca/	1969-12-31 23:59:59	Name: QDMWEBSESS Value: 2piaa8ci6jo3bo9f7bl7pkfsej
tw.beautyplayer.ca/	1969-12-31 23:59:59	Name: utm_source Value: bpsms
tw.beautyplayer.ca/	1969-12-31 23:59:59	Name: utm_campaign Value: cny-chic20220110
tw.beautyplayer.ca/	1969-12-31 23:59:59	Name: utm_medium Value: sms
tw.beautyplayer.ca/	1970-01-20 08:48:44	Name: QDMPPID Value: ef27a7747e30b5cb517b1e6378d577b4
tw.beautyplayer.ca/	1970-01-20 00:10:20	Name: qdmfbevent_id Value: q58f7434b783e1ce13fd1a-d54e-4638-8848-08e1fc26c2d4c
www.clarity.ms/	1970-01-20 08:48:44	Name: CLID Value: 345ed508f19b4371b95038c3d1bbd7b7.20220110.20230110
tw.beautyplayer.ca/	1970-01-20 00:46:20	Name: CFFPCKUUID Value: 8624-oPW9f5V7fxij3k4nuG4CPo52hXwuPAYm
.tw.beautyplayer.ca/	1970-01-20 00:46:20	Name: CFFPCKUUIDMAIN Value: 7647-3LCQBgTb4tShv287F5wn1CoOpwtoqkRV
.beautyplayer.ca/	1970-01-20 02:12:44	Name: _gcl_au Value: 1.1.505254458.1641788797
.c.bing.com/	1970-01-20 09:24:44	Name: SRM_B Value: 26A1A832BE0365601F3CB91ABFD1646A
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:24:44	Name: MUID Value: 26A1A832BE0365601F3CB91ABFD1646A
.c.clarity.ms/	1970-01-20 00:03:09	Name: ANONCHK Value: 0
.beautyplayer.ca/	1970-01-20 17:34:20	Name: _ga_TE53XM4LCT Value: GS1.1.1641788796.1.0.1641788797.59
.beautyplayer.ca/	1970-01-20 08:48:44	Name: _clck Value: 1bwaq2u\|1\|ey0\|0
.doubleclick.net/	1970-01-20 09:24:44	Name: IDE Value: AHWqTUk82wwqIylqbrdkl0p2P6Igf6RbvzxrvIjHkigg1pD7khQ2HojqmJ3pseTh
dmp.eland-tech.com/	1970-01-20 00:03:10	Name: AWSELBCORS Value: F18B0BC5168B8529F375F860BE0B0658FAD193691A91116B354FFE44F799B1E302EF0BFFEAFBCEF2E81AC0833FEDC9EDF4803694E99B738762A3D577241C7256A0E19E472C
.beautyplayer.ca/	1970-01-20 00:04:35	Name: _clsk Value: 1ejs294\|1641788797739\|1\|0\|g.clarity.ms/collect
.beautyplayer.ca/	1970-01-20 17:34:20	Name: _ga Value: GA1.2.1925182564.1641788796
.beautyplayer.ca/	1970-01-20 00:04:35	Name: _gid Value: GA1.2.1617351726.1641788798
.beautyplayer.ca/	1970-01-20 00:03:08	Name: _dc_gtm_UA-121829175-8 Value: 1
tw.beautyplayer.ca/	1970-01-20 08:48:44	Name: Sta_LpTms_/product/product&product_id Value: 182=1
tw.beautyplayer.ca/	1970-01-20 00:46:20	Name: Sta_LpTms_30_/product/product&product_id Value: 182=1
tw.beautyplayer.ca/	1970-01-20 00:04:35	Name: sta_adsrc Value: bpsms
tw.beautyplayer.ca/	1970-01-20 00:04:35	Name: sta_admed Value: sms
tw.beautyplayer.ca/	1970-01-20 00:04:35	Name: sta_adcpn Value: cny-chic20220110
tw.beautyplayer.ca/	1970-01-20 00:04:35	Name: sta_adctn Value: undefined
tw.beautyplayer.ca/	1970-01-20 00:04:35	Name: sta_adurl Value: https://tw.beautyplayer.ca/product/product&product_id=182?utm_source=bpsms&utm_medium=sms&utm_campaign=cny-chic20220110
tw.beautyplayer.ca/	1970-01-20 00:04:35	Name: sta_utmDate Value: 20220110042637
.tw.beautyplayer.ca/	1970-01-20 00:46:20	Name: language Value: zh-TW
.tw.beautyplayer.ca/	1970-01-20 00:46:20	Name: currency Value: TWD
.beautyplayer.ca/	1970-01-20 02:12:44	Name: _fbp Value: fb.1.1641788797892.216261007
.beautyplayer.ca/	1970-01-20 08:48:44	Name: _hjSessionUser_1716948 Value: eyJpZCI6IjdmM2Y5N2ZiLTc4ZWItNTZkYy04N2IwLTkyZGVhOTBhZTI0YyIsImNyZWF0ZWQiOjE2NDE3ODg3OTc5MDksImV4aXN0aW5nIjpmYWxzZX0=
.beautyplayer.ca/	1970-01-20 00:03:10	Name: _hjFirstSeen Value: 1
.beautyplayer.ca/	1970-01-20 00:03:10	Name: _hjSession_1716948 Value: eyJpZCI6IjgyMmJkY2Q1LTI2OTgtNGJjYy04Mzc4LTEzMWQyMDI3NzdkZiIsImNyZWF0ZWQiOjE2NDE3ODg3OTc5MzV9
.beautyplayer.ca/	1970-01-20 00:03:10	Name: _hjAbsoluteSessionInProgress Value: 0
.yahoo.com/	1970-01-20 08:49:06	Name: A3 Value: d=AQABBH2122ECEDGJO6fiZyORQgjgI-lbetMFEgEBAQEG3WHlYQAAAAAA_eMAAA&S=AQAAAmrbGkT76BSb4e10VG7ieJQ
.beautyplayer.ca/	1970-01-20 00:03:08	Name: _gat Value: 1
.beautyplayer.ca/	1970-01-20 00:03:08	Name: _gat_newTracker Value: 1
.tw.beautyplayer.ca/	1970-01-20 17:34:20	Name: __lt__cid Value: e97dc09f-ec14-4194-8223-dcd5db109ef7
.tw.beautyplayer.ca/	1970-01-20 00:03:10	Name: __lt__sid Value: ca39475e-f3852ff7
.tw.beautyplayer.ca/	1969-12-31 23:59:59	Name: _qdm_ssiteuid Value: 64cf8cebe90ea2dc70416f7268032aa6%3Aaf16ea563152ab45a7865e631c6174b9ec2a6d5b018b7e3e045b763e51b176a8
.dmp.eland-tech.com/	1970-01-20 08:48:44	Name: edmp_uuid Value: ea324085de994f219e287776c6757b91011012
.dmp.eland-tech.com/	1970-01-20 08:48:44	Name: edmp_uuid_timestamp Value: 1641788798940
.dmp.eland-tech.com/	1970-01-20 08:48:44	Name: opt_out Value: 0
.holmesmind.com/	1970-01-23 15:40:06	Name: P Value: 689809-846gwONuOyPKrzy2oD31OKsvHExIval3
.holmesmind.com/	1970-01-20 00:24:15	Name: Vision Value: 20220110-23:59,20220110-15,20220110-15,20220110-23:59
.holmesmind.com/	1970-01-20 00:24:15	Name: C Value: null
.holmesmind.com/	1970-01-20 02:28:06	Name: RK Value: null
.line.me/	1970-01-20 17:34:20	Name: _ldbrbid Value: tr__k1y/XGHbtX+8VQxP5yhPAg==

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
analytics.google.com
c.bing.com
c.clarity.ms
c.holmesmind.com
cdn.doublemax.net
cdn.holmesmind.com
cdn.jsdelivr.net
cdn.qdm.cloud
cdnjs.cloudflare.com
chart.apis.google.com
connect.facebook.net
d.line-scdn.net
dmp.eland-tech.com
fonts.googleapis.com
fp.holmesmind.com
g.clarity.ms
googleads.g.doubleclick.net
image-cdn-flare.qdm.cloud
image-cdn.qdm.cloud
lihi1.com
s.yimg.com
scontent.xx.fbcdn.net
script.hotjar.com
sp.analytics.yahoo.com
static.addtoany.com
static.hotjar.com
static.xx.fbcdn.net
stats.g.doubleclick.net
tr.line.me
tw.beautyplayer.ca
vars.hotjar.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.se
www.googleadservices.com
www.googletagmanager.com
www.facebook.com
13.224.193.122
13.224.193.73
13.225.80.89
142.250.185.130
143.204.98.23
147.92.191.92
2.18.232.182
212.82.100.181
2600:9000:20eb:6200:0:e06c:e940:93a1
2606:4700:10::6816:46c5
2606:4700:10::6816:817
2606:4700:10::6816:917
2606:4700::6810:125e
2606:4700::6810:5814
2620:1ec:27::cafe:2080
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:808::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:811::200e
2a00:1450:4001:813::2004
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2003
2a00:1450:400c:c0c::9a
2a00:1450:4019:803::2002
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.117.219.39
34.213.95.5
35.201.236.149
35.201.76.93
35.244.149.249
52.142.114.2
52.182.214.99
00fd2df9390c7d67af597048b08e76074882e2ee9e36b78c94488b26d97048fc
025bf984fe836fd350f22da1b1b3a4435c6e04011162b8969fa31303a3943d14
037bc46815af4e3c6d7b9c938f56442d33faa44a500ed4eeb2703b85016b7633
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0657b321f3ca97ae4c1d9ecc7531e525cd848e34470c607bacf4fca88b62a297
07c0834caf5b03b1aaaac65504d1e744d27d5ed77c67b134b28bf391f517b7f6
08a4165eac77eaa4a5d13e5c9d590fce1c956dd3227655988d5f80c7a9fd0698
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
0afb40ef6f76e2d99c2366cfb38054f69e01704ee3ed6ec36003c1a3e24edb02
0b50f37ac7dc04a7b751bbeb03d674be5e834bbfe0da0b9d0368a611bcd71b0f
0c103ae844c36c58f5947f4ffac0ef3edf1d447d0650fe33437071d3e13645ca
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
18e6b5ff511b90edf098e62ac45ed9d6673a3eee10165d0de4164d4d02a3a77f
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
23f674dd996ed309468cec91c9785b83af197a817fbe55728fe657e6dbe6722b
2524cb51f4ac2491ca4625669b81edd2880561940199c8b119803c56c9b7d1e6
25ef1ba0c2f30c8c7c02906bb28e928db4352ec48ee9186848a4826b4ca125b8
261595338fd9066332abdbde9ab8f2cf826985e226e2d03904777799e54c9665
276a77095cdc65e26ce50775980db2dba953c141c20fd0f01f69b79e29e70f62
278d14102432128ab17b3d80d91b20926afb66eebff52452d3b36270b42f5bf5
28a7266304514e58bc6509836178c0426ab43dedf2700af77ced04808113f4f4
2a7890db9205c713a008765f47b197aa7c651c274c9af7289b535838319203c7
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e78b2c4adeef4c10bd954936428ab24878df81f959339c8f83d5886cfe176f4
3253d08c20c480b1204b512fb5c6908a16cce0e919e4f5b27255e05a5e8f7bfc
33c7b707c49507a95bb8ed5c779ff01983df7e379a05d86d98f2a05c5f979931
33e56f571071921b2e48316fb7be76b393c90a1ed70f3c43eb096fdce6498ca6
34def0e6a88c20ae9e9a758d9701b72349f9bd7d34b65c33b54e17293bf4a2f3
38afa875175bdb5cb38939ea9026dec15843d8d0bd757e4ad156dacf2f4bc7e8
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
3b692fd53c81453da0159529adc70d480b36f4d2efa340a9ffc2b8ab537a6fae
3b6e38e4f23f04a06a6b713d04e72f4358579049e53b396c9598c37cc6b1ae26
419b12628c9be092d5dbdfca38aa68e950c09a90ddf63012414ac92cae48f0f1
41b646a874e4cc09d73c01cf2a4698fbd6285896e649662e4973ea6db703d05d
42d979d54a12b76d10c5f34709c774b14aedcbf25f268f332a7e9163011b658b
43413331dd7b9f25dffca652505fd013f7f29b53846a3962788fe9574d9669a2
44062c88180765ead8496d96152b06cf67d7f9f0f722cf68a6a25cb4a3bb6c5c
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46bb6cb2b0d590cb89c1e8726deb7507dfd4a1b26e391b7bbf7d40562a4594ab
46df9d176eecd29eed2ce18055ff35674a612f444a460792d4ba4c5278f7a867
4881ea8a07a6d2647da213af975cc9172c8a7dcb09609c823cfe5aa059b75161
4a1cbf1feb69e4d01568c109411b910de160679a430a8499b9ae981eecaa2b54
4c0752b37b4f74e2e83dd5c1a8dda11d5f3a0534d857ea7a50a7e87530270d21
4c5502291d57f8a08e7182b90bf5def94bc9604102eb49e4c12fea526c931c2d
4c6d5ac4c77a0cd4dcae820b87afd1ee0b18a72bf0dd8f7de168fd307ac47041
4ca130786a2d2531241f8b8c7aaad6a4e27271f51b417b9c23f51bfb0c65c080
5742b8f76ab9ca3f8a4cab4fa849a9cae18a829585a6c36e5cd533b27a33dd5e
5a2a595079620af2d843fd7bcfcb03301830e44b818ed8090a585c271aed97b3
5e19be927b1d8c16659aa51e1f8c632caa4dc20faf474480833270e3aa622217
5fbaeb9f8e25d7e0143bae61d4b1802c16ce7390b96ceb2d498b0d96ff4c853f
5fef9a937425abb2379443653df672230aa257d2b8aefbd97b1594cc35a3234c
61580d5692d2fd4a668ef822483c0a553da8d3e694e3042e680946d2f60a6200
6293fc708ac9d3566cf3cb3dd7da5b1b1d5c5553ed6ffda5526651fed1f54fe8
6383fbd9c9377155aec82349de48bb6c9e09066c3ccb361a9a7a403001e47614
654a6b90bd1e8379f0f7b0f3f418c3bad7ee695fbd8979b7c22a993a85765486
6a3a2b65718ecbaef56385d3886e7aea403b25b4dde07dd7976dabe41043a922
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ba2b27c8412419065a260018cd8c47e4053e76674b3b0a55c6d945b18a0509e
6fbc61bb9c418ee40501a09e2f195f48264cafaedfdcf43f2011b673f3d1d6f1
6fda496239f7844a90beab8da7c5dd1e43ae3cc1aaca6c2792990f920a1dc59e
73690e3eeefa3672a9ddb120b26c962491612987fcd4bc9bc5df800943dcd6ac
741971ff7803fb47bee29bbef87ca9e733e6c2d466db1d4947fdb4c78fb451d7
795bc7f554c422da54e1304194a9fca72b848f03c3df4f8bb939cb99a95763be
7d58d86cb259067bc2bb8c7727373bd40456bbbfd17de8bd9bc84d55e7b79bf3
7e6f3eacf6af919ace45f10e39eda3e72143e0f57aad29590a6d37d5ddd0292f
7fa7d6e3b4039b59b4d4721ea7e523a42a4dc0b56405829df9f8696f8550fa01
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8551b1aefbfbc04e3713231c0bf53ce958efe4aae83e538b353ebe6e4c2b09da
85f77520a75fec02d6b95a1af23a8b4e7807f8b84f794b414213770c34fc7c44
88478594efd6b56eb88149ed4749cabcf4e4aac23db2a98623edc40acb9ebb47
893fa7fe8b6e69e2828319c04a7cbb6f129ea820db695d4ced5757d59450b6a8
8ab6c610d64f9b5e305f5ba15a8ef8696772c29ccc7e64f25e682af097104060
8b2dd36634025bfd0f2db3e7cfa44ae1426eda2a37a8d3edee70e9ee398b949e
916238ac8a4b41b1942ec7ec7b09ceeaf822f8df462642d1edcf3136ff49780f
9198dcdced5cf7322886ea8765f2e5f29cb35a83210d0a3bd8297e38803f2e43
921e70ab99851ce4ccfe7895eafd17b010e35a4f0556a7e776069e7b7e5ea1f7
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9341818c2f2b8e44e4063d08d1ed8cca78e005eebce07f30720f33ff898fcd42
96725eba539addee483b61331ebf23289dc26d3f34301c244b96be9f6a2822be
968e8defd809f51313b2635b79518c270e3b15fd9e51f3b1d46312c2d6a5c467
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
9832693ffd15a74c83268b71977ff8b9d1e5b5148d611fa0ca8b36656f336a82
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d6c57093bed832ad2cf849724d3d3435896b547c8ddda15ec8025c2b7bd7fc
9a960626aac5824774a307af4ca5735045ea3df5d0ff77a6bff753c24cc03ef7
9ce9d1cb8c782ff9b26709772092323c8bfa828c89968bffd9c55476c8ac312f
9e31058534b68e728b3cfe4d4f122333f19479a72ce4ac79b596ba346376f16c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2cd920049bd261db60804174bc8cdd8707fc181f9e3dbf214c7c1e26d5479ab
a2ebf481ad1fe4748ce8d245789b791932eba20002be07411736b67b2d657a11
a33a18d3ade364ae94fdc88f786c869ff8b45cae9bf98f2e2a16dd1459d98cdc
a3479b45d477eb8429f4be8a396050d90f894559a72068ec3593ec43f586d138
a3bcea36b87ea1233d3bbdae85edad2e0b22e4764069059cec89832433711973
a4356a08ee73877e8545f12636010deb618281698520957fcf5bc610ead611d5
a8c0371b1d58766c3901c4bbe28412523e5229e19d69236456d9dcb820e14324
a8c4ff4f3181d523b6443fffb9548ee385b2a8da8915c1cd4b6aea1165c71970
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aa8e78f3f30f1b267c9f993d4031ca93cb6e5ab03b78a1dd1b3fd342af0d0ea5
ab9527ee8da2d5445dc3dd12fe937548092e9b358929f7342bb2526105d7a475
af3903db50a67f20683404e58394179910de4cf09b4afb28daa5cfaf6d48769c
af78e6d4770cb789084342798f4f588d54172cd95c49586e575abb9fecf498d7
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
b55616e4eada60d4e94a044efa03f45c3550056a0e93a55a993b0b85a7e7689b
b740795ac784852c04ab248451dddc5d6352a2594ab43abc811e37138f8d08bd
ba22c3a0699d12fe7a0f6b82bb99e06bad77c6c7e02cb4ea8e3d34e1edfe3cdb
bd2a7dec65b8d4dd82207b374de33d9c487662bf95bdf62e5988ee540715ff25
be008c63ddefca3ce28657d3bec71467649a1cd0d6d83631ba31fe61e82bef6f
be307850d97a4cc3185166175515facde15350e4e7ab094000c8fd02edc3656d
bf1fce150ff945b16370d23bed230287f97d36a1b0a13f62abeb89c2ca3f61e7
c284a15d4a8436193e2dace3e0408e40f1eb880c3017bbc99553c4cebeee6979
ccd506e16978471e089e8fc5d1b115f675749381d8eacb9da570f3cfa608b785
cee3dba74877e0e190c6c5db376408a19db4567aaef469d3759580ff04bc7a67
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0120afbe63c38539eed856bbef4d49a92c45f78262bb705640d383bcbc0bfe1
d39c7ff4103007338040282460b2eb0e5adadd9fb80f986fb4c8a3d41785a6ca
d552d3145e87e9feacd04d7ef25b603afb9d592b9875cd3d6af46ce95e744ccb
d6c31639ddf311ea2b65e8499727551319cb0a8181f878633f4e8c23817d2940
d7637bfb674c709b17f7575e15596e0f4e5ef38d5bd6a0d030dc3fafd9d30eb2
d8b1b66b37325fc99d5b0b612b82310d71029c417a8d4ff710f9a3ff7f87773f
daea98ebe5d7eb34741feb779041434fd72a3b591be8823a5888197bfb33e4b1
ddbc1a158d7d13b63c0fda8fd2ece421016468e9e88914d2b81d3e8929c19df1
df0bed942f45f0500f3169a6a007f51ece4894ee645ee5aec24e0293a5bc75a0
df6d4fc52f8f3af6ef59c215a1165e4667f7daaedf4c5409db56d7c133564446
e10d2afad84f95e40094bddcd7c36b714995477d02ffccce0c8b80f4a1f6c154
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b6c563193d09d793755432a997b188440678d0f5fd7919ed43278d909b29df
e64210bc5df652430818348d474ae4e4339c142d2426a3aaf93d80dff2be5d4a
e848186385fa528822b0caabd69076146f2a362c4ffc3d9bc9d646fe99f06e59
e94bb2e4afc6aac0df3ec5ec5217e4c6ca9a5f904dc6180cae06fbfc980ad80d
ea2f014468a380dc5df1c1d3d7cf09a9202ac27b502b2e4c35d3c8b92a0d5dfe
ec967a9c7ef9f9b3498c4894319802b33f23d9aa08858d0db95a682f637cf305
ee185038d2a12324a2ae730f3882d156678075a76e4f69200477fc238a42c3d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef36c54a8970de684a3fda047b98b9835013bc6dc732889a59dfb0b789c91083
f028ba6a21099e00b3d4ba908e2e0cfc4e943eac6199e9a5d508beda2336df6a
f22120d1591b5397235fec8a01ffcc7d45fa6bd0b4cd6f93b8999c9365b359f1
f399c96e81b1bff7d1a081542d80a2bf434bb7669c1c2614899acec6dc9bac30
f5683b0ad30bc31d9076392f67a51516332d397d6a8cabcec66ec4448159c413
f6f2aeecc8b6dab976f830167c1849d1f3795509bb93a7031f6424152ce3ddae
f7bb6cb8d00f7f3642d52cfaf3972a5bed4f3b138ecf683358826828b47ee8ea
fe534b792f5f25ace762a8e8ca1c8a13a319c23bc7f7f2d393d7007ffdba5202
feca2dbb970226e8a8f21da8f25a1abef3f3f061f7834b74e829f3fee055d954
ff22c0a16cea7a56432d406df46efcb15cc101fd95363bcd0afad5b84757e8c5

tw.beautyplayer.ca Open in urlscan Pro 35.201.236.149 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

98 %HTTPS

59 %IPv6

26 Domains

39 Subdomains

36 IPs

7 Countries

5616 kBTransfer

12372 kBSize

54 Cookies

9 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

tw.beautyplayer.ca Open in urlscan Pro
35.201.236.149 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

98 %
HTTPS

59 %
IPv6

26
Domains

39
Subdomains

36
IPs

7
Countries

5616 kB
Transfer

12372 kB
Size

54
Cookies

181 HTTP transactions
3 data transactions