app2.atmovies.com.tw Open in urlscan Pro
61.61.96.232 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Submission: On February 11 via manual (February 11th 2022, 6:23:50 am UTC) from TW — Scanned from DE

Summary HTTP 201 Redirects Links 46 Behaviour Indicators

Summary

This website contacted 51 IPs in 9 countries across 38 domains to perform 201 HTTP transactions. The main IP is 61.61.96.232, located in Taiwan and belongs to NCIC-TW New Century InfoComm Tech Co., Ltd., TW. The main domain is app2.atmovies.com.tw.

This is the only time app2.atmovies.com.tw was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	61.61.96.232 61.61.96.232	9919 (NCIC-TW N...) (NCIC-TW New Century InfoComm Tech Co.)
24	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.238.101 35.186.238.101	15169 (GOOGLE) (GOOGLE)
6	65.9.7.97 65.9.7.97	16509 (AMAZON-02) (AMAZON-02)
1	61.61.96.252 61.61.96.252	9919 (NCIC-TW N...) (NCIC-TW New Century InfoComm Tech Co.)
4	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1b::9a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	210.59.219.180 210.59.219.180	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400f:800::2003	15169 (GOOGLE) (GOOGLE)
1	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	192.96.200.41 192.96.200.41	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
1	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 2	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
1 1	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
1	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	2602:803:c004... 2602:803:c004:200::141	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.75.110.87 35.75.110.87	16509 (AMAZON-02) (AMAZON-02)
1 4	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	185.29.134.249 185.29.134.249	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	138.201.220.30 138.201.220.30	24940 (HETZNER-AS) (HETZNER-AS)
16	18.203.96.5 18.203.96.5	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.201 2.18.233.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3	138.201.63.165 138.201.63.165	24940 (HETZNER-AS) (HETZNER-AS)
2 9	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2	210.59.219.175 210.59.219.175	3462 (HINET Dat...) (HINET Data Communication Business Group)
1 1	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.117.200.100 104.117.200.100	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2 2	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2a01:4f8:d0a:... 2a01:4f8:d0a:2321::2	24940 (HETZNER-AS) (HETZNER-AS)
1	167.233.14.134 167.233.14.134	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	54.76.176.197 54.76.176.197	16509 (AMAZON-02) (AMAZON-02)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.158.64 69.173.158.64	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	3.120.72.86 3.120.72.86	16509 (AMAZON-02) (AMAZON-02)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	2a05:d018:d29... 2a05:d018:d29:3602:1d01:41f0:b3c7:ca3c	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:205... 2600:9000:2057:b800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
4	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
201	51

20 61.61.96.232 (Taiwan)

ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW)

app2.atmovies.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.238.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.238.186.35.bc.googleusercontent.com

3b3.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 65.9.7.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-97.fra56.r.cloudfront.net

img.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.61.96.252 (Taiwan)

ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW)

cfapp.atmovies.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1b::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.180 (Zhonghe, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

bw.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400f:800::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.96.200.41 (Garrisonville, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

hb.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.181 (Zhonghe, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.119.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2602:803:c004:200::141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.75.110.87 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-75-110-87.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.29.134.249 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)

tags.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.220.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.30.220.201.138.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 18.203.96.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

s.update.mediamathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-201.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 138.201.63.165 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de

hal90005.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.59.219.175 (Zhonghe, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

rec.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.42.132 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.117.200.100 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-200-100.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 145.239.193.130 (France) 2 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Baienfurt, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a01:4f8:d0a:2321::2 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)

cdn.retailads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.233.14.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de

futalis.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.230 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

8019191.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com

ad-server.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)

pixel-apac.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.72.86 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-72-86.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3602:1d01:41f0:b3c7:ca3c (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:b800:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 92 tpc.googlesyndication.com — Cisco Umbrella Rank: 120	684 KB
26	doubleclick.net 3 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 67 googleads.g.doubleclick.net — Cisco Umbrella Rank: 37 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159 cm.g.doubleclick.net — Cisco Umbrella Rank: 175 8019191.fls.doubleclick.net — Cisco Umbrella Rank: 206307	193 KB
21	atmovies.com.tw app2.atmovies.com.tw cfapp.atmovies.com.tw	107 KB
16	mediamathtag.com s.update.mediamathtag.com — Cisco Umbrella Rank: 7204	53 KB
13	rubiconproject.com 5 redirects fastlane.rubiconproject.com — Cisco Umbrella Rank: 436 secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917 eus.rubiconproject.com — Cisco Umbrella Rank: 512 pixel-apac.rubiconproject.com — Cisco Umbrella Rank: 27977 pixel.rubiconproject.com — Cisco Umbrella Rank: 288 token.rubiconproject.com — Cisco Umbrella Rank: 593	14 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	123 KB
11	scupio.com img.scupio.com — Cisco Umbrella Rank: 64862 bw.scupio.com — Cisco Umbrella Rank: 119063 prebid.scupio.com — Cisco Umbrella Rank: 64334 rec.scupio.com — Cisco Umbrella Rank: 110141	143 KB
8	criteo.com 2 redirects bidder.criteo.com — Cisco Umbrella Rank: 736 gum.criteo.com — Cisco Umbrella Rank: 355 mug.criteo.com — Cisco Umbrella Rank: 3197	8 KB
8	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 59 www.google.com — Cisco Umbrella Rank: 2	3 KB
7	redintelligence.net hal9000.redintelligence.net — Cisco Umbrella Rank: 31122 hal90005.redintelligence.net — Cisco Umbrella Rank: 261223	53 KB
5	mathtag.com 1 redirects tags.mathtag.com — Cisco Umbrella Rank: 2834 pixel.mathtag.com — Cisco Umbrella Rank: 1050 sync.mathtag.com — Cisco Umbrella Rank: 387	4 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 250	38 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 146	151 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419 ads.yahoo.com — Cisco Umbrella Rank: 835	2 KB
3	appier.net 2 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 34537 gocm.c.appier.net — Cisco Umbrella Rank: 1908	733 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 9027	1 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 491	630 B
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 704	2 KB
2	retailads.net 1 redirects cdn.retailads.net — Cisco Umbrella Rank: 148948	6 KB
2	medialead.de 2 redirects pv.medialead.de — Cisco Umbrella Rank: 46456	1 KB
2	criteo.net static.criteo.net — Cisco Umbrella Rank: 638	56 KB
2	aralego.com 1 redirects hb.aralego.com — Cisco Umbrella Rank: 13835 sync.aralego.com — Cisco Umbrella Rank: 1751	665 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 548
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1193	75 B
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 659	438 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 21278	521 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	265 B
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 14416	702 B
1	ad-server.eu ad-server.eu — Cisco Umbrella Rank: 70137	312 B
1	futalis.de futalis.de — Cisco Umbrella Rank: 193766	409 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 65528	629 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	295 B
1	holmesmind.com ad.holmesmind.com — Cisco Umbrella Rank: 93223 c.holmesmind.com Failed	219 B
1	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 15156	176 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 741	646 B
1	3b3.org 3b3.org
0	Failed function sub() { [native code] }. Failed
201	38

	Domain	Requested by
23	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com img.scupio.com
23	pagead2.googlesyndication.com	app2.atmovies.com.tw pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com img.scupio.com
20	app2.atmovies.com.tw	app2.atmovies.com.tw
16	s.update.mediamathtag.com	tags.mathtag.com s.update.mediamathtag.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net app2.atmovies.com.tw
9	cm.g.doubleclick.net	2 redirects googleads.g.doubleclick.net eus.rubiconproject.com
6	img.scupio.com	app2.atmovies.com.tw img.scupio.com
5	www.gstatic.com	googleads.g.doubleclick.net
4	token.rubiconproject.com	4 redirects
4	pixel.rubiconproject.com	eus.rubiconproject.com
4	hal9000.redintelligence.net	app2.atmovies.com.tw hal90005.redintelligence.net
4	gum.criteo.com	2 redirects static.criteo.net
4	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
4	www.googletagservices.com	googleads.g.doubleclick.net
4	adservice.google.com	pagead2.googlesyndication.com 8019191.fls.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	app2.atmovies.com.tw googleads.g.doubleclick.net hal90005.redintelligence.net
3	hal90005.redintelligence.net	hal9000.redintelligence.net hal90005.redintelligence.net
3	tags.mathtag.com	googleads.g.doubleclick.net tags.mathtag.com
3	mug.criteo.com
3	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
3	adservice.google.de	pagead2.googlesyndication.com
2	sync-tm.everesttech.net	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	pm.w55c.net	2 redirects
2	8019191.fls.doubleclick.net	1 redirects app2.atmovies.com.tw
2	cdn.retailads.net	1 redirects futalis.de
2	pv.medialead.de	2 redirects
2	eus.rubiconproject.com	app2.atmovies.com.tw eus.rubiconproject.com
2	rec.scupio.com	img.scupio.com
2	static.criteo.net	img.scupio.com static.criteo.net
2	ad2.apx.appier.net	1 redirects
2	bw.scupio.com	img.scupio.com ajax.googleapis.com
2	www.google-analytics.com	app2.atmovies.com.tw www.google-analytics.com
1	id.rlcdn.com	eus.rubiconproject.com
1	ads.yahoo.com	eus.rubiconproject.com
1	sync.mathtag.com	1 redirects
1	ssbsync.smartadserver.com	googleads.g.doubleclick.net
1	s.ad.smaato.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	pixel-apac.rubiconproject.com	eus.rubiconproject.com
1	www.awin1.com	googleads.g.doubleclick.net
1	ad-server.eu	googleads.g.doubleclick.net
1	futalis.de	hal90005.redintelligence.net
1	pb.media01.eu	hal90005.redintelligence.net
1	sync.aralego.com	1 redirects
1	www.facebook.com	img.scupio.com
1	secure-assets.rubiconproject.com	1 redirects
1	pixel.mathtag.com	tags.mathtag.com
1	ad.holmesmind.com	img.scupio.com
1	fastlane.rubiconproject.com	img.scupio.com
1	prebid-asia.creativecdn.com	img.scupio.com
1	gocm.c.appier.net	1 redirects
1	prebid.scupio.com	img.scupio.com
1	hb.aralego.com	img.scupio.com
1	bidder.criteo.com	img.scupio.com
1	ajax.googleapis.com	img.scupio.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	cfapp.atmovies.com.tw	app2.atmovies.com.tw
1	3b3.org	app2.atmovies.com.tw
0	c.holmesmind.com Failed
0	agnangantblacabcerducfarharwo Failed
201	65

This site contains links to these domains. Also see Links.

Domain
www.atmovies.com.tw
search.atmovies.com.tw
tv.atmovies.com.tw
app.atmovies.com.tw
bbs.atmovies.com.tw
space.atmovies.com.tw
gallery.photowant.com
www.hamovie.com.tw

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-13` - `2022-11-13`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-04` - `2022-05-03`	3 months	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-21` - `2022-11-20`	a year	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-17` - `2022-04-11`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2022-04-22`	2 years	crt.sh
redintelligence.net R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
update.mediamathtag.com R3	`2021-12-26` - `2022-03-26`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.media01.eu RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-05-27` - `2022-05-27`	a year	crt.sh
*.futalis.de R3	`2021-12-23` - `2022-03-23`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
cdn.retailads.net Encryption Everywhere DV TLS CA - G1	`2021-07-17` - `2022-07-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 30 frames:

Primary Page: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Frame ID: 2D656B0E31E29D6F72395D8664A3E730
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html
Frame ID: 6E077626EC849800ECA722856EC05DAA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6580532459519002&output=html&adk=1812271804&adf=3025194257&lmt=1644560624&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&pra=5&wgl=1&dt=1644560624341&bpp=4&bdt=1309&idt=261&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5401682363158&rume=1&frm=20&pv=2&ga_vid=1380359854.1644560624&ga_sid=1644560625&ga_hid=2082096466&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064733%2C31061691%2C31061693&oid=2&pvsid=3191616802762528&pem=972&tmod=1024667465&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=277
Frame ID: 454D7964977A9833501E79C9FC601AF8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6580532459519002&output=html&h=280&slotname=9308357246&adk=2319559117&adf=2019286372&pi=t.ma~as.9308357246&w=853&fwrn=4&fwrnh=100&lmt=1644560624&rafmt=1&psa=0&format=853x280&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1644560624345&bpp=2&bdt=1313&idt=277&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5401682363158&rume=1&frm=20&pv=1&ga_vid=1380359854.1644560624&ga_sid=1644560625&ga_hid=2082096466&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064733%2C31061691%2C31061693&oid=2&pvsid=3191616802762528&pem=972&tmod=1024667465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=T1BkMZ5KCT&p=http%3A//app2.atmovies.com.tw&dtd=283
Frame ID: 52C55762521BD6127148469736A95B65
Requests: 13 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.61
Frame ID: DD899939A09A644BC7E963E3C5EADF78
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1
Frame ID: 11EA20783D70FC52DE76AC49683EC7D9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8CA8334E11F83C83EBC5FAC6FFC2E8A2
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Frame ID: 8E0F4C171C6B93A70B53D434EEF3E115
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400
Frame ID: 7F4E3B138423385461BCF36B716625B7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Frame ID: F2514F04FAF26473C7D889AD9FBF5BE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F0DAAB56236A725922F3C6A8FAE74AE2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js
Frame ID: 8DCCDDFC12C5F85A4D46E365C7576CB7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3EAF660EFB08EEF962D29CAE598325D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 211B366C9F1348F25393DB880D35D4A2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 9862B8EDE2699F56C5CBA5E7BADEC9CE
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=app2.atmovies.com.tw
Frame ID: F547F94CBA7A8F78C9DC59BF55A59404
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
Frame ID: 36ECD05E519F67B4FE4191BFD42CD2C4
Requests: 33 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E8D1BD052495A47442A1322F1074DE5E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EFD444DC0CCB5D3D5F6E0D52934393B0
Requests: 2 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: D29F84A2A1BCB19407C66118F8C25960
Requests: 1 HTTP requests in this frame

Frame: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEDjYAF1x_Ri-RHntmREDDDk&google_cver=1&google_ula=3918219,0
Frame ID: C2AD15F65689F17C8DC3E2C24E4527D9
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: E1BF769AA4945DD7B7164D3B7657E355
Requests: 11 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22170800027226400951393011867005&actionid=981741&produktid=&dt_url=
Frame ID: A7445E80BD5224D06D69C9614A209F28
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1207393666
Frame ID: 64CCBC6962494D8C419B383F71C16EA0
Requests: 2 HTTP requests in this frame

Frame: https://8019191.fls.doubleclick.net/activityi;dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512
Frame ID: 86CCF10FA3CB85BC5F8351CD036A7A0A
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=22170800027226400951393011867005&a=050836a4
Frame ID: 2EB69E2CF0C785675166284D3A8B81F3
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E546212F51961FAB6E6EF067EA943BCC
Requests: 9 HTTP requests in this frame

Frame: blob://https://googleads.g.doubleclick.net/3a79f028-99ba-45a7-846e-52e7ab699779
Frame ID: 1542EA35A555B4399AE83542CD841E51
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 01E1FEB517C85EBF9A0BE06FE9CF55E8
Requests: 1 HTTP requests in this frame

Frame: chrome-extension://agnangantblacabcerducfarharwo/cycle.json
Frame ID: E9CF61E3790F0AC5B493E0408548D982
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

開眼電影網--新版--

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

201
Requests

74 %
HTTPS

34 %
IPv6

38
Domains

65
Subdomains

51
IPs

9
Countries

1657 kB
Transfer

4256 kB
Size

33
Cookies

46 Outgoing links

These are links going to different origins than the main page.

URL: http://www.atmovies.com.tw/home/

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/movie/
Title: 電影

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/movie/new/
Title: 本周新片

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/movie/now/
Title: 本期首輪

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/movie/now2/
Title: 本期二輪

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/movie/next/
Title: 近期上映

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/movie/next2/
Title: 新片快報

Search URL Search Domain Scan URL

URL: http://search.atmovies.com.tw/
Title: ☆ 搜尋

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/
Title: 戲院

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/html/ticket/
Title: ★ 網路訂票 ★

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a01/
Title: 基隆

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a02/
Title: 台北

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a03/
Title: 桃園

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a35/
Title: 新竹

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a37/
Title: 苗栗

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a04/
Title: 台中

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a47/
Title: 彰化

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a45/
Title: 雲林

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a49/
Title: 南投

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a05/
Title: 嘉義

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a06/
Title: 台南

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a07/
Title: 高雄

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a87/
Title: 屏東

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a39/
Title: 宜蘭

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a38/
Title: 花蓮

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a89/
Title: 台東

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a69/
Title: 澎湖

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/showtime/a68/
Title: 金門

Search URL Search Domain Scan URL

URL: http://tv.atmovies.com.tw/home/
Title: 電視

Search URL Search Domain Scan URL

URL: http://tv.atmovies.com.tw/tv/attv.cfm?action=showtime
Title: 目前放映

Search URL Search Domain Scan URL

URL: http://tv.atmovies.com.tw/tv/attv.cfm?action=todaytime
Title: 今日節目表

Search URL Search Domain Scan URL

URL: http://tv.atmovies.com.tw/tv/attv.cfm?action=channeltime
Title: 頻道節目表

Search URL Search Domain Scan URL

URL: http://tv.atmovies.com.tw/tv/attv.cfm?action=special
Title: 節目精選

Search URL Search Domain Scan URL

URL: http://tv.atmovies.com.tw/tv/attv.cfm?action=channel
Title: 頻道列表

Search URL Search Domain Scan URL

URL: http://tv.atmovies.com.tw/tv/attv.cfm?action=cable
Title: 有線電視

Search URL Search Domain Scan URL

URL: http://tv.atmovies.com.tw/tv/attv.cfm?action=search
Title: 節目搜尋

Search URL Search Domain Scan URL

URL: http://app.atmovies.com.tw/activity/activity.cfm
Title: 活動

Search URL Search Domain Scan URL

URL: http://bbs.atmovies.com.tw/
Title: bbs

Search URL Search Domain Scan URL

URL: http://space.atmovies.com.tw/
Title: 分享

Search URL Search Domain Scan URL

URL: http://gallery.photowant.com/B/
Title: 圖王

Search URL Search Domain Scan URL

URL: http://www.hamovie.com.tw/hamoviehome.html
Title: 會員

Search URL Search Domain Scan URL

URL: http://www.atmovies.com.tw/
Title: 開眼

Search URL Search Domain Scan URL

URL: http://app.atmovies.com.tw/service/service.cfm?action=contact
Title: 聯絡我們

Search URL Search Domain Scan URL

URL: http://app.atmovies.com.tw/service/service.cfm?action=about&page=1
Title: 關於開眼

Search URL Search Domain Scan URL

URL: http://app.atmovies.com.tw/service/service.cfm?action=about&page=4
Title: 服務中心

Search URL Search Domain Scan URL

URL: http://www.hamovie.com.tw/bin/memberservice/memberservice.cfm
Title: 會員服務

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 88

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=VD9L6QN2B6uM25v_8gAGYg

Request Chain 94

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 120

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=app2.atmovies.com.tw&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=sjO1znwxVEZMa3NyMVFhMDA3SkhaZ3cyNjVidmxWL2Q1citZL1pET1hsK3NrTGh1bkd5VlZRRDVOS3ptKzQrT2Q4NFZkNmhqc29mY01LcGpkcVo2Y01ndG5vdjA3Zjk1Nitob0hDbEVmRTVoL2YwSS9IYW1RVHAvMkpYMXNleVpML1VSaTdCaEpKblZCOWhEb2JaSlJpSHppMi9zay9OSkt1NjhURzNhZjU3WXRlLzZobWg3VkMyNlN0bUVITE14VFpBSTExNGVvOTEza2ZjSTd1b0k3aS9wME03RTFoWU5oN1JHUTdMV3VzamRiR3dLS3BiTTl3U3dTcHhTK2Q3Rk5Sc1ZDWWMxa1NGYzE0OXIvM08zN3ZFWUJrMGhTR28wNkJYSFRURzRNZzRldFRmMD18&cppv=2

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMjAyMTExNDIzNDgxNTY1Mg%3d%3d&layout=js HTTP 302
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEDjYAF1x_Ri-RHntmREDDDk&google_cver=1&google_ula=3918219,0

Request Chain 141

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Request Chain 143

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA2022021114234815652 HTTP 302
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

Request Chain 144

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=22170800027226400951393011867005&t=htlp HTTP 302
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22170800027226400951393011867005&actionid=981741&produktid=&dt_url=

Request Chain 145

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=22170800027226400951393011867005&ra_cnt_active=1&ra_cnt=1 HTTP 302
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1207393666

Request Chain 146

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512 HTTP 302
https://8019191.fls.doubleclick.net/activityi;dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512

Request Chain 148

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=22170800027226400951393011867005 HTTP 301
https://ad-server.eu/wm/pb/native.png

Request Chain 160

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMx2P02rmr5_zcCvh6iIl7U&google_cver=1&google_push=AYg5qPI3l7ALh-SHanePPQabk4e7eo0o43qePTxoGNIj-7Y2ktMnUoZC25Wuq_VlJ9ntoIqOUoBw59KKbp26vk5EhlK8VE_6D5fN HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMx2P02rmr5_zcCvh6iIl7U&google_cver=1&google_push=AYg5qPI3l7ALh-SHanePPQabk4e7eo0o43qePTxoGNIj-7Y2ktMnUoZC25Wuq_VlJ9ntoIqOUoBw59KKbp26vk5EhlK8VE_6D5fN HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXY2SXN6VmwxTmlwbHE1&google_gid=CAESEMx2P02rmr5_zcCvh6iIl7U&google_cver=1&google_push=AYg5qPI3l7ALh-SHanePPQabk4e7eo0o43qePTxoGNIj-7Y2ktMnUoZC25Wuq_VlJ9ntoIqOUoBw59KKbp26vk5EhlK8VE_6D5fN

Request Chain 162

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOrzXmc7-NuK0ZwidcBcH2Q&google_cver=1&google_push=AYg5qPJEz8hztQtfkR9_h-zcmNb-RdlYCRRge0Xmoaqcp71VHFNTnQsJHOB6jDnMjxamS8qwdQH6lQZq5j-A0n_nRwcTVljiGzZM HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=q4OJEmrtQRi7h_eI0iD2Xg2&google_push=AYg5qPJEz8hztQtfkR9_h-zcmNb-RdlYCRRge0Xmoaqcp71VHFNTnQsJHOB6jDnMjxamS8qwdQH6lQZq5j-A0n_nRwcTVljiGzZM

Request Chain 163

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELjaq_Ycuqb8yNjNyU3s8v0&google_cver=1&google_push=AYg5qPLwBk4G3nfJjDfW78apgcLbsmCaXaxrPnaMc6rAzowJU2jmy7eXiakibask4y-xiDljXI0h44xBJg9b9SC6wsShChNiO7SY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLwBk4G3nfJjDfW78apgcLbsmCaXaxrPnaMc6rAzowJU2jmy7eXiakibask4y-xiDljXI0h44xBJg9b9SC6wsShChNiO7SY&google_hm=NzM0NjUyNzYzMjIwMzc0MDc1

Request Chain 164

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1

Request Chain 165

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL6lIzWUq0tkgp1GJsLORbg&google_cver=1&google_push=AYg5qPLIqILcGVzw0Idi3i6ZshyGa87rbLZq1zGu-nNZ018OHCwB9r1A-wHNi8RS9w0G8mjAZhj0Ezc2FfM5LnuC83hj6R2cQT8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLIqILcGVzw0Idi3i6ZshyGa87rbLZq1zGu-nNZ018OHCwB9r1A-wHNi8RS9w0G8mjAZhj0Ezc2FfM5LnuC83hj6R2cQT8

Request Chain 173

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d3e6206-00f3-4e01-b8ab-503b0c5bb58f&expires=28

Request Chain 174

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGQ2YzhhMjNhNjg1MWNlZTUyZmVjNDdjNmVjNmFhZmYwZmIwZWM5ZA

Request Chain 175

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YgYA9AAFWDRQ7QBB HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgYA9AAFWDRQ7QBB&_test=YgYA9AAFWDRQ7QBB

Request Chain 176

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZI0XO7I-1Q-6CH8&sigv=1&esig=2~ae178eef74c113076b7c5128e6ac7af9bdfdb724

Request Chain 177

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJMFhPN0ktMVEtNkNIOA==

Request Chain 178

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/4T-KGDZ_h5cattibspGGr8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=734652763220374075

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi21dX_QZ_n-h1YhDhiAVk&google_cver=1

Request Chain 201

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fapp2.atmovies.com.tw%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=UQ93pnxrZFMydDNGb2g0bUZJZ3JlUGxuZzhLcTBLbXdRL2d5M0Z4VlBRS1VITDJnbGpBYS9XWGhOenF4QTRmUzgxMUw2ZVYycWpwQkR3L2NOOVZ2WXN3WlArMUdja1prOEYvMUR4M2lkQnNoeUJzWDNPOVFObWpIR1c4YTBTS1Y3eE5oWFFuQ3F3RHJhY1piYVRpemIxUTFmYVhKK0pVR1hXN2tBWjdTNW5wMlZSNG5wclJMRFNNdWVjNVZhWDJIdGJQTkxicUl6RGF3WThzTXJNYW5pdEErUXdUVWpkaWRjd1E3bGhmcUN4MnV6OVdWckcwWGRiOHQweE9nYUtwUUhGTlo3WkhRb2tWNWlkVVcxcC8wMnpLbXhFZ2UxRHlRaUVEMWo5Ky85ZVFKWHc0UT18&cppv=2

Request Chain 202

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

201 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
app2.atmovies.com.tw/film/extend/fphk2105530003/ 25 KB
14 KB 1222ms
440ms Document
text/html 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 243fa32ac1ad6980831ebf8b9c44ed79590e6f20c28b702a811909c296c43e08

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Length: 13750

GET
H/1.1 200
OK main-2.css
app2.atmovies.com.tw/assets/css/ 49 KB
9 KB 201ms
201ms Stylesheet
text/css 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/css/main-2.css?20160606
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 33b1d92dea99b2090acb03ad2f65f79264ca95dcc1f0581ae545a8956efcc04f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:40 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0e227cd4bd6d21:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 8836

GET
H/1.1 200
OK jquery.min.js Show response
app2.atmovies.com.tw/assets/js/ 94 KB
33 KB 403ms
201ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/jquery.min.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:44 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "03c8acf4bd6d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 33365

GET
H/1.1 200
OK jquery.dropotron.min.js Show response
app2.atmovies.com.tw/assets/js/ 4 KB
2 KB 404ms
201ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/jquery.dropotron.min.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a3b405b2510fba2b69acd54d409aed128fe35cd7f0827d414e0551d8127954e2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:44 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "03c8acf4bd6d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1978

GET
H/1.1 200
OK skel.min.js Show response
app2.atmovies.com.tw/assets/js/ 9 KB
3 KB 584ms
201ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/skel.min.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c93e56bfb68f8389b5decfcfb621863b3d4884039501f8290458d8345225fec4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:44 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "03c8acf4bd6d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3187

GET
H/1.1 200
OK skel-viewport.min.js Show response
app2.atmovies.com.tw/assets/js/ 1 KB
1 KB 606ms
201ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/skel-viewport.min.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: f2487fe770f52c8631150215b55a2bb12a4bd9a9815f458212c85188c27e6e53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:44 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "03c8acf4bd6d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 777

GET
H/1.1 200
OK util.js Show response
app2.atmovies.com.tw/assets/js/ 12 KB
3 KB 606ms
201ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/util.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:44 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "03c8acf4bd6d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 3266

GET
H/1.1 200
OK main.js Show response
app2.atmovies.com.tw/assets/js/ 2 KB
1 KB 611ms
201ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/main.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 674f601da1dd9ada5fecab6a9f3c61ad3b9bac0b4e5473903459c4a817a7b6c7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:44 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "03c8acf4bd6d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1189

GET
H/1.1 200
OK home.js Show response
app2.atmovies.com.tw/assets/js/ 2 KB
1 KB 786ms
202ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/home.js?v=101
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d7096534be069413691b6f4588d3494aeccb2ccbb7a73b965541c0fec78cc374

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Jun 2017 23:37:48 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "a71eda8c67f0d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 728

GET
H/1.1 200
OK ajax-grab.js Show response
app2.atmovies.com.tw/assets/js/ 1 KB
990 B 801ms
200ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/ajax-grab.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 541b2a341cf1eb1e46bc40801c3b0ca41f043ab09dd180c0f1adf33619612467

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:42 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0f59ce4bd6d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 683

GET
H/1.1 200
OK jquery.rwdImageMaps.js Show response
app2.atmovies.com.tw/assets/js/ 2 KB
1 KB 807ms
201ms Script
application/x-javascript 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/js/jquery.rwdImageMaps.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 64a7b441531759e2cd1008ebca931624cad291311d399f40f77d70d62acecef1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:44 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "03c8acf4bd6d21:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Accept-Ranges: bytes
Content-Length: 1048

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 109ms
57ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac6172584189afdad5b3dc9b17e611d3a6f051806bb99e1172ea8caba554c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 10715755455650931065
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 53557
X-XSS-Protection: 0
Expires: Fri, 11 Feb 2022 06:23:44 GMT

GET
H/1.1 200
OK movie.css
app2.atmovies.com.tw/assets/css/ 8 KB
2 KB 409ms
209ms Stylesheet
text/css 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/css/movie.css
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: a043e37e9770a0626b451e0be7366ebe3787add88a476991d265c077c761961c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:42 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0f59ce4bd6d21:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1766

GET
H/1.1 200
OK angela.css
app2.atmovies.com.tw/assets/css/ 332 B
548 B 401ms
202ms Stylesheet
text/css 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/css/angela.css
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 3a42fd795b37d63b9fc1bc379c1e16dbf8bf4f87c67c999e0a8a0a35bee94f98

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:38 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0b5f6cb4bd6d21:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 256

GET
H/1.1 200
OK logo300.gif
app2.atmovies.com.tw/images/ 9 KB
9 KB 203ms
202ms Image
image/gif 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://app2.atmovies.com.tw/images/logo300.gif
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 924b9922c6ba422e12cd87454470677946345e1efc883c9abdddc20bd02da2aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:10 GMT
Last-Modified: Fri, 26 May 2017 18:11:50 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "037978b4bd6d21:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 9122

GET
H/1.1 200
OK logo100.png
app2.atmovies.com.tw/images/ 2 KB
2 KB 206ms
206ms Image
image/png 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://app2.atmovies.com.tw/images/logo100.png
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 8da33f98c0d0f2eb0383dcb403231643d8bb775ba4d19cf3f90ab761ee7100d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:10 GMT
Last-Modified: Fri, 26 May 2017 18:11:46 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0dd34894bd6d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1843

GET
H/1.1 200
OK search.png
app2.atmovies.com.tw/images/ 1 KB
1 KB 204ms
203ms Image
image/png 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://app2.atmovies.com.tw/images/search.png
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 0a37a2cac7d43af707624d1b2b0adbb8b19605501898c4ab5249cb7668538aaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:10 GMT
Last-Modified: Fri, 26 May 2017 18:11:46 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0dd34894bd6d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1112

GET
H/1.1 200
OK cer_PG.gif
app2.atmovies.com.tw/images/ 1 KB
2 KB 223ms
222ms Image
image/gif 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://app2.atmovies.com.tw/images/cer_PG.gif
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: e0c7cdbd3979eb9f8b3ea44d9c5b08a532597013b716973c4a2df7ed533f55d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:10 GMT
Last-Modified: Fri, 26 May 2017 18:11:52 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "064c88c4bd6d21:0"
Content-Type: image/gif
Accept-Ranges: bytes
Content-Length: 1500

GET
H/1.1 200
OK c.js Show response
3b3.org/ 0
0 207ms
108ms Script
text/html 35.186.238.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://3b3.org/c.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 35.186.238.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.238.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK http Show response
app2.atmovies.com.tw/film/extend/fphk2105530003/ 25 KB
14 KB 811ms
811ms Script
text/html 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/http
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 243fa32ac1ad6980831ebf8b9c44ed79590e6f20c28b702a811909c296c43e08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:10 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
Content-Length: 13750
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 114 KB
40 KB 107ms
55ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

969ec05383f32d7f61c40d0c4fcd75b7be8d1362e5d51fa664ed59a1a2237adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 14315003923557562000
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 40131
X-XSS-Protection: 0
Expires: Fri, 11 Feb 2022 06:23:44 GMT

GET
H/1.1 200
OK ad.js Show response
img.scupio.com/js/ 72 KB
22 KB 44ms
8ms Script
application/javascript 65.9.7.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://img.scupio.com/js/ad.js
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 65.9.7.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-97.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 1e7bdf52eadea30acf902248591382393f39789465b7849f501d488523552121

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:19:33 GMT
Content-Encoding: gzip
Age: 255
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Access-Control-Allow-Origin: *
Last-Modified: Mon, 07 Feb 2022 07:24:18 GMT
Server: nginx/1.12.1
ETag: W/"6200c922-11e2f"
Content-Type: application/javascript; charset=utf-8
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
Cache-Control: max-age=900
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: jbWjbpLjKtGCKHYrAWh3Hxza0bhiw2OgPlWi3s2QZG4-7b_9MNQ4Bw==
Expires: Fri, 11 Feb 2022 06:34:29 GMT

GET
H/1.1 404
Not Found /
cfapp.atmovies.com.tw/cfc/www_movie/ 0
0 1268ms
201ms Image
text/html 61.61.96.252
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://cfapp.atmovies.com.tw/cfc/www_movie/
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Server: 61.61.96.252 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1 200
OK font-awesome.min.css
app2.atmovies.com.tw/assets/css/ 26 KB
6 KB 206ms
201ms Stylesheet
text/css 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to

Full URL: http://app2.atmovies.com.tw/assets/css/font-awesome.min.css
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/assets/css/main-2.css?20160606
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/assets/css/main-2.css?20160606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:08 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 May 2017 18:13:40 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0e227cd4bd6d21:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 6020

GET
H/1.1 200
OK css
fonts.googleapis.com/ 13 KB
2 KB 87ms
49ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Open+Sans+Condensed:700

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/assets/css/main-2.css?20160606

Protocol

HTTP/1.1

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

36f22718f6ca223dd07d63d9064361109e3db43735f459181bb94f972bd02f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:43 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Fri, 11 Feb 2022 06:23:43 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Fri, 11 Feb 2022 06:23:43 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 125ms
39ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1132
date: Fri, 11 Feb 2022 06:04:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 11 Feb 2022 08:04:52 GMT

GET
H/1.1 200
OK overlay.png
app2.atmovies.com.tw/assets/css/images/ 108 B
354 B 201ms
201ms Image
image/png 61.61.96.232
NCIC-TW New Centu...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://app2.atmovies.com.tw/assets/css/images/overlay.png
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/assets/css/main-2.css?20160606
Protocol: HTTP/1.1
Server: 61.61.96.232 , Taiwan, ASN9919 (NCIC-TW New Century InfoComm Tech Co., Ltd., TW),
Reverse DNS
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: 730703648d7313363c5ea76c8335d221de625372109bbffee1308a3e1609a6b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/assets/css/main-2.css?20160606
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:24:10 GMT
Last-Modified: Fri, 26 May 2017 18:13:40 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
ETag: "0e227cd4bd6d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 108

GET
H/1.1 200
OK memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 78ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Open+Sans+Condensed:700

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://app2.atmovies.com.tw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 04 Feb 2022 09:53:14 GMT
X-Content-Type-Options: nosniff
Age: 592230
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 44656
X-XSS-Protection: 0
Last-Modified: Thu, 28 Oct 2021 00:30:43 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Sat, 04 Feb 2023 09:53:14 GMT

GET
H/1.1 200
OK z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v21/ 16 KB
17 KB 78ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/opensanscondensed/v21/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,700italic|Open+Sans+Condensed:700

Protocol

HTTP/1.1

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://app2.atmovies.com.tw
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Wed, 09 Feb 2022 20:12:50 GMT
X-Content-Type-Options: nosniff
Age: 123054
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16324
X-XSS-Protection: 0
Last-Modified: Wed, 26 Jan 2022 18:56:57 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 09 Feb 2023 20:12:50 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
211 B 48ms
48ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2082096466&t=pageview&_s=1&dl=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ul=en-us&de=UTF-8&dt=%E9%96%8B%E7%9C%BC%E9%9B%BB%E5%BD%B1%E7%B6%B2--%E6%96%B0%E7%89%88--&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=539634858&gjid=995897294&cid=1380359854.1644560624&tid=UA-76403910-2&_gid=133101952.1644560624&_r=1&_slc=1&z=932862815

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://app2.atmovies.com.tw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://app2.atmovies.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
441 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c1b::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-76403910-2&cid=1380359854.1644560624&jid=539634858&gjid=995897294&_gid=133101952.1644560624&_u=IEBAAEAAAAAAAC~&z=413820936

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1b::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://app2.atmovies.com.tw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 11 Feb 2022 06:23:44 GMT
content-type: text/plain
access-control-allow-origin: http://app2.atmovies.com.tw
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 289 KB
105 KB 152ms
68ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6580532459519002&plah=app2.atmovies.com.tw

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7dca558b219d38f8feb7021e31466b26fccc157cbe9d94e9ac4f3ebd442617af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106377
x-xss-protection: 0
server: cafe
etag: 9157965172527817583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 06:23:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/ Frame 6E07 10 KB
5 KB 118ms
36ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 23:38:04 GMT
expires: Thu, 24 Feb 2022 23:38:04 GMT
cache-control: public, max-age=1209600
age: 24340
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rum_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/ 55 KB
21 KB 86ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/rum_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-6580532459519002&plah=app2.atmovies.com.tw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

936e2a79b73ecbd8d53e825de3c18ba942ba0896065872a266115ebe7904bc69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2787
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21571
x-xss-protection: 0
server: cafe
etag: 18228264410970089360
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 05:37:17 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
646 B 158ms
47ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=app2.atmovies.com.tw&callback=_gfp_s_&client=ca-pub-6580532459519002

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d5489bd94611d301ad79fb6e097d73ffc65a1b9d2138ec8058091fd6baed3d25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 130ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=app2.atmovies.com.tw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 06:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 132ms
47ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=app2.atmovies.com.tw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 06:23:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 97ms
58ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&tn=NAV&id=nav&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 454D 259 KB
65 KB 575ms
528ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6580532459519002&output=html&adk=1812271804&adf=3025194257&lmt=1644560624&plat=2%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&pra=5&wgl=1&dt=1644560624341&bpp=4&bdt=1309&idt=261&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5401682363158&rume=1&frm=20&pv=2&ga_vid=1380359854.1644560624&ga_sid=1644560625&ga_hid=2082096466&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064733%2C31061691%2C31061693&oid=2&pvsid=3191616802762528&pem=972&tmod=1024667465&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=277

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d847e8fbdcdb70412a6bc30a3643ca53cb17a35d77f766e75456dbdcfb77bba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Feb 2022 06:23:45 GMT
server: cafe
content-length: 66468
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 06:23:45 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 52C5 85 KB
31 KB 643ms
605ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6580532459519002&output=html&h=280&slotname=9308357246&adk=2319559117&adf=2019286372&pi=t.ma~as.9308357246&w=853&fwrn=4&fwrnh=100&lmt=1644560624&rafmt=1&psa=0&format=853x280&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1644560624345&bpp=2&bdt=1313&idt=277&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5401682363158&rume=1&frm=20&pv=1&ga_vid=1380359854.1644560624&ga_sid=1644560625&ga_hid=2082096466&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064733%2C31061691%2C31061693&oid=2&pvsid=3191616802762528&pem=972&tmod=1024667465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=T1BkMZ5KCT&p=http%3A//app2.atmovies.com.tw&dtd=283

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6993ba26773701ed0b5343dede6669fe0604d21b88c658ab3b06203f79d948d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Feb 2022 06:23:45 GMT
server: cafe
content-length: 31371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 06:23:45 GMT
cache-control: private

GET
H2 200 11016.json Show response
img.scupio.com/js/config/ 640 B
1 KB 624ms
606ms XHR
application/json 65.9.7.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/11016.json?v=1.0.3839
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-97.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 5094b2cddcafbe5ec79c053c50bde8bbc5d2ae568c00908b9b3fb90dc197e141

Request headers

Accept: application/json, text/javascript, */*
Referer: http://app2.atmovies.com.tw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
via: 1.1 c4a2e8b9ec0bdec016055cf127d5dad8.cloudfront.net (CloudFront)
last-modified: Fri, 11 Feb 2022 02:20:12 GMT
server: nginx/1.12.1
x-amz-cf-pop: FRA56-C1
etag: "6205c7dc-280"
x-cache: RefreshHit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
accept-ranges: bytes
content-length: 640
x-amz-cf-id: A9lqqGZ6w1lQr24FyzwPvyYtxVbS7GkmMfwy442BmrBIm1i9JX34xA==
expires: Fri, 11 Feb 2022 09:23:45 GMT

POST
H/1.1 200
OK adreqlog.aspx Show response
bw.scupio.com/adpinline/ 0
722 B 816ms
200ms XHR
application/json 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/adreqlog.aspx?cid=11016&cb=0.2862040186699122
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json, text/javascript, */*
Referer: http://app2.atmovies.com.tw/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 11 Feb 2022 06:23:45 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: http://app2.atmovies.com.tw
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0

GET
H2 200 ad.html Show response
img.scupio.com/html/ Frame DD89 82 KB
22 KB 24ms
9ms Document
text/html 65.9.7.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ad.html?v=1.0.61
Requested by: Host: img.scupio.com
URL: http://img.scupio.com/js/ad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-97.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 88de5f95fea91d43e84cba58bbc21573c9f9f2a6d45b3bdd8af60295903c88c4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Wed, 12 Jan 2022 05:51:14 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 11 Feb 2022 05:51:25 GMT
expires: Sun, 13 Mar 2022 05:50:56 GMT
cache-control: max-age=2592000
etag: W/"61de6c52-148ff"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: 0-4mgLocHHFeTmci2JAUeStDpTTaZ7WQU9ztrIWx-uzhJgykVJciGw==
age: 1969

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame DD89 95 KB
34 KB 122ms
36ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 15:39:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53067
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 10 Feb 2023 15:39:18 GMT

GET
H2 200 prebid.js Show response
img.scupio.com/js/ Frame DD89 259 KB
92 KB 8ms
7ms Script
application/javascript 65.9.7.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-97.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 203952d95f704a3d83b4f4d2b637c3ec6eed453918da831b11433d6854770063

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.61
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:20:33 GMT
content-encoding: gzip
last-modified: Mon, 01 Nov 2021 04:07:12 GMT
server: nginx/1.12.1
age: 233
etag: W/"617f67f0-40b0e"
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: W7fUQ4jmP6RnGZkgTEjju151-FhI9xCjVb3Zq8YAPfPcE_AZJS8dcw==
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
expires: Sun, 13 Mar 2022 06:19:52 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/ 150 KB
53 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202030101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11861d7a9f3a93e5bab30b26a38dec607d5ad82988d30e25b0bcfd86eccdcda3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54417
x-xss-protection: 0
server: cafe
etag: 14345865829346382559
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 06:23:45 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 52C5 1 KB
955 B 134ms
50ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6580532459519002&output=html&h=280&slotname=9308357246&adk=2319559117&adf=2019286372&pi=t.ma~as.9308357246&w=853&fwrn=4&fwrnh=100&lmt=1644560624&rafmt=1&psa=0&format=853x280&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1644560624345&bpp=2&bdt=1313&idt=277&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5401682363158&rume=1&frm=20&pv=1&ga_vid=1380359854.1644560624&ga_sid=1644560625&ga_hid=2082096466&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064733%2C31061691%2C31061693&oid=2&pvsid=3191616802762528&pem=972&tmod=1024667465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=T1BkMZ5KCT&p=http%3A//app2.atmovies.com.tw&dtd=283

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:12:38 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 52C5 19 KB
8 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:41:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2530
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 05:41:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 52C5 2 KB
1 KB 128ms
49ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:39:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2681
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 05:39:04 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 52C5 124 KB
38 KB 154ms
68ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 06:23:45 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 52C5 15 KB
6 KB 124ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 05:32:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3081
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 05:32:24 GMT

GET
H2 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 52C5 27 KB
12 KB 122ms
39ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 05:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 May 2022 05:35:55 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11850904434001529940/ Frame 52C5 35 KB
35 KB 129ms
51ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11850904434001529940/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fdde479e6547ad2de604bd947fa17fb80378cbe689e0a36c97a4bff9cd8331d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 04 Feb 2022 19:23:56 GMT
x-content-type-options: nosniff
age: 557989
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35815
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 03:48:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Feb 2023 19:23:56 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 52C5 0
0 82ms
82ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIad08AAGYrOuKtvK7_UP5uyV4A75juqSaLzl2qiRD-_a0bqhLhABIM3d2AZgleKQgqAHoAGk2bHXAcgBCagDAcgDywSqBPQBT9BkpWQGQHOQKtZrbOvrwNbOPuUo-1DoNgaLhJXAVpG6hM0j7vLQNOY7I185TTifGs452ur2wQMDyn0k6X6Q7E8KQlqowp4Ng8eGijnrzUNPYH-YpsbWVie84Z7dDcJizMPjsduN4ijrxMvhbquVTeJWQNW577Q5tZumH0gCLIQYdXbSOLD-iam8YUJeBAun_-qwvakecHF6JtsSupLTnZAh3iK0zk9QooUKk719eXWWkFoHbPWJucUsdF1mj9mbhkg6ilf5UjMhuwJY9l2DiGf2_7IquZkNjhp7GWGxj-_EABEJhTu3X-QAGLmFODFB1BLbOcAEne_Rs-IDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB-bTtt0CqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQ0ukK0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBgBcBshccChoIABIUcHViLTY1ODA1MzI0NTk1MTkwMDIYAA&sigh=PPFg0fl3-p0&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6580532459519002&output=html&h=280&slotname=9308357246&adk=2319559117&adf=2019286372&pi=t.ma~as.9308357246&w=853&fwrn=4&fwrnh=100&lmt=1644560624&rafmt=1&psa=0&format=853x280&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1644560624345&bpp=2&bdt=1313&idt=277&shv=r20220209&mjsv=m202202030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5401682363158&rume=1&frm=20&pv=1&ga_vid=1380359854.1644560624&ga_sid=1644560625&ga_hid=2082096466&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=276&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42531398%2C44750773%2C31064733%2C31061691%2C31061693&oid=2&pvsid=3191616802762528&pem=972&tmod=1024667465&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=T1BkMZ5KCT&p=http%3A//app2.atmovies.com.tw&dtd=283
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Feb 2022 06:23:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 11 Feb 2022 06:23:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 95ms
48ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=app2.atmovies.com.tw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 06:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 96ms
49ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=app2.atmovies.com.tw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 06:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/ Frame 11EA 10 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 23:36:39 GMT
expires: Thu, 24 Feb 2022 23:36:39 GMT
cache-control: public, max-age=1209600
age: 24426
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/ Frame 8CA8 10 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4612
x-xss-protection: 0
date: Thu, 10 Feb 2022 23:36:39 GMT
expires: Thu, 24 Feb 2022 23:36:39 GMT
cache-control: public, max-age=1209600
age: 24426
etag: 18247940800414524076
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame 11EA 4 KB
1 KB 131ms
47ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 05:40:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 06:23:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 06:23:45 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 11EA 205 B
229 B 82ms
37ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 21:01:08 GMT
x-content-type-options: nosniff
age: 33757
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 Feb 2023 21:01:08 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 11EA 604 B
628 B 81ms
37ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 16:04:26 GMT
x-content-type-options: nosniff
age: 51559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 10 Feb 2023 16:04:26 GMT

GET
H3 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ Frame 11EA 19 KB
8 KB 83ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:05:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1125
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8079
x-xss-protection: 0
server: cafe
etag: 5902764951541284931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:05:00 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 8CA8 1 KB
875 B 133ms
93ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:12:38 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8CA8 0
0 80ms
80ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ5Tw8AAGYs-vKsKS7_UP5qqY4Ar5juqSaLzl2qiRD-_a0bqhLhABIM3d2AZgleKQgqAHoAGk2bHXAcgBCagDAcgDywSqBPUBT9BQxgy_uwP5SHrfL9vZXD2Dm5bTrQ4bt592aW0x0blmlqqZGphEhVWRhTrYnxS55HVljXpPnh5VJNKLO3B4iqRIlScqZKRiNuqvEY-qHTBGwf886GMI4hpI6ei6Dh8ArgNbzf4RCe81UkITYey8vRcA0NciSaqzLC1Ort6ePAx5OiTWLoGGFacN96uul2Ol1cMHP0gYY2Yc3jFgbklKxVoiJNOoGXJV0gX9GZObDrnMhnvQI0IOREiu4MJYi2phsl0Oh3ApJrSO-upkXH6MOmxDD2n2AGiziyR8OuCqEeTekrBLfdjPV4y9Q6mz8XzPJAuWF0zABJ3v0bPiA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfm07bdAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEP_DCNIICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi02NTgwNTMyNDU5NTE5MDAyGAA&sigh=9LfI2Ysw12Y&uach_m=[UACH]&template_id=484

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Feb 2022 06:23:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 8CA8 19 KB
8 KB 76ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:18:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 8CA8 2 KB
1 KB 130ms
91ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:19:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8CA8 124 KB
38 KB 96ms
52ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 06:23:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 8CA8 15 KB
6 KB 78ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:19:44 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 8CA8 27 KB
11 KB 73ms
37ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 05:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 May 2022 05:35:55 GMT

GET
H3 200 6592766407814317453
tpc.googlesyndication.com/simgad/11850904434001529940/ Frame 8CA8 48 KB
48 KB 83ms
47ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11850904434001529940/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53473b748f37677e5e8decf8a5c303b607854b96d399ecd6cfcc44a70157aacb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Sun, 06 Feb 2022 12:44:07 GMT
x-content-type-options: nosniff
age: 409178
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49004
x-xss-protection: 0
last-modified: Thu, 23 Dec 2021 03:50:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 06 Feb 2023 12:44:07 GMT

GET
DATA 200
OK truncated
/ Frame 52C5 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e2077b55b821a74b2b055caeea87153a93c75ec4b5aaea50afb60b7370919939

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 -KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8E0F 35 KB
13 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 22:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13554
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 22:45:42 GMT

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 52C5 60 KB
23 KB 127ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23078
x-xss-protection: 0
server: cafe
etag: 14764030400761178073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 07:19:18 GMT

GET
DATA 200
OK truncated
/ Frame 8CA8 222 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7e027256f51f97e712f9521e44c49c891160b0542dfd642941a3e39c8efb778

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 7F4E 4 KB
810 B 91ms
46ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 06:12:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 06:23:45 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 06:23:45 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 7F4E 1 KB
875 B 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:12:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 848
x-xss-protection: 0
server: cafe
etag: 2277666839114365613
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:12:38 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 7F4E 19 KB
8 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:18:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
server: cafe
etag: 7051432691878289762
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:18:59 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 7F4E 2 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:19:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7F4E 124 KB
38 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 06:23:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 7F4E 15 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 241
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:19:44 GMT

GET
H3 200 ff20f166b0acb5bbc58563e896201b58.js Show response
www.gstatic.com/mysidia/ Frame 7F4E 27 KB
11 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ff20f166b0acb5bbc58563e896201b58.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 05:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175670
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11452
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 06:53:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 10 May 2022 05:35:55 GMT

GET
H3 200 -KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js Show response
pagead2.googlesyndication.com/bg/ Frame F251 35 KB
13 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 22:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13554
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 22:45:42 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8CA8 60 KB
23 KB 84ms
38ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23078
x-xss-protection: 0
server: cafe
etag: 14764030400761178073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 07:19:18 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 52C5 0
327 B 134ms
43ms Ping
image/gif 2a00:1450:400f:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kzi0xo2v&chm=1&ctx=2&gqid=8AAGYvjVKdSrrASt1LzAAQ&qqid=CLPm4t6B9_UCFVvluwgdZnYF7A&met.4=fb.i8~lb.ov~ol.pe~bdt.-18c~bpp.-7t~idt.-6~dtd.0~dt.-7v&met.3=555.p1~556.p1_1~749.pc_2~736.pf~735.pg_1~734.sl~113.tv_3~112.tu_4&met.1=1.kzi0xn90~6.1~7.1~8.1~9.1~10.14~11.1~12.14~13.hx~14.i7~15.i2~16.ow~17.ow~18.ow~19.p6~20.p6~21.pe~22.j3~23.j3&met.7=CAUQCBgBMI4FOJIHUAFYJ2ABaCdwhAV4t_cBgAGL9QGIAb2qBbABAbgBAw~CBwQChgBII8FKI8FMJYGOIcBaOMFcJYGePwIgAHQBogB0wuwAQG4AQM~CAkQChgBIJMFKJMFMI4GOHtQlAVY4wVgtgVo4wVwiwZ4tT-AAYk9iAGslgGwAQG4AQM~CB4QChgBIJQFKJQFMJUGOIIBaOMFcJQGeOELgAG1CYgB4RGwAQG4AQM~CCoQChgBIJQFKJQFMN8GOMsB~CBwQChgBIJQFKJQFMJQGOIABaOMFcJAGeIs0gAHfMYgBv3WwAQG4AQM~CBsQChgBIJQFKJQFMJMGOH8~CBcQAhgBIJUFKJUFMMgGOLMBaOMFcJYGeJOaAoAB55cCiAHnlwKwAQG4AQM~CCEQBBgBIK0FKK0FMIEGOFRorgVwgAZ4rAKwAQG4AQM~CCgQChgBIJQHKJQHMKEIOIwBQJUHSJYHUJYHWOwHYLwHaOwHcJMIeNK2AYABprQBiAHd3gOwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400f:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F0DA 143 B
163 B 39ms
38ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Fri, 11 Feb 2022 06:03:08 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 1237
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 currency.json Show response
img.scupio.com/js/config/ Frame DD89 108 B
497 B 11ms
11ms XHR
application/json 65.9.7.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/js/config/currency.json
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-97.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 90c8ceab5c2d280204c690d5255617fd7a891bc3f27c97851266d726fdf93cbb

Request headers

Referer: https://img.scupio.com/html/ad.html?v=1.0.61
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
last-modified: Thu, 10 Feb 2022 19:15:08 GMT
server: nginx/1.12.1
age: 9
etag: "6205643c-6c"
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 108
x-amz-cf-id: _IA4-a-SbrG8uOniIdRw3eGHkeZ63vhWb6vbVJidHiXnu_9LAULEcQ==
expires: Fri, 11 Feb 2022 09:23:36 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame DD89 0
215 B 255ms
15ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0-pre&cb=88171805446

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://img.scupio.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://img.scupio.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

GET
H/1.1 204
No Content header Show response
hb.aralego.com/ Frame DD89 0
323 B 438ms
143ms XHR
text/plain 192.96.200.41
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-2737A3D93DB4933E0848ADD39E62996D&tdid=&schain=1.0%2C1!scupio.com%2C225%2C1%2C%2C%2C&eids=&pubcid=a440621a-3d33-49a0-8ce6-620cdd8415b9&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=http%3A%2F%2Fapp2.atmovies.com.tw&ucfUid=1ea80733-2c7e-48ac-9ecd-fee0ccd5f36e&w=300&h=250
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.200.41 Garrisonville, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://img.scupio.com
Date: Fri, 11 Feb 2022 06:23:46 GMT
Access-Control-Allow-Credentials: true
Connection: close

POST
H2 204 prebid.aspx Show response
prebid.scupio.com/recweb/ Frame DD89 0
163 B 633ms
208ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.3067844569385796
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 210.59.219.181 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: text/html
access-control-allow-origin: https://img.scupio.com
cache-control: private
access-control-allow-credentials: true

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame DD89
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=VD9L6QN2B6uM25v_8gAGYg

2 B
167 B

274ms
274ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=VD9L6QN2B6uM25v_8gAGYg
Protocol: H2
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:47 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
content-length: 2

Redirect headers

date: Fri, 11 Feb 2022 06:23:46 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=VD9L6QN2B6uM25v_8gAGYg
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame DD89 0
176 B 499ms
164ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 11 Feb 2022 06:23:46 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame DD89 240 B
1 KB 216ms
193ms XHR
application/json 2602:803:c004:200::141
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17388&site_id=169838&zone_id=819608&size_id=15&rp_schain=1.0,1!scupio.com,225,1,,,&eid_pubcid.org=a440621a-3d33-49a0-8ce6-620cdd8415b9%5E1&rf=http%3A%2F%2Fapp2.atmovies.com.tw%2F&tk_flint=pbjs_lite_v5.20.0-pre&x_source.tid=00191d6c-b648-4f00-8ddc-7b7130410cd5&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.407781812982871
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 2602:803:c004:200::141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 94d5b48b385f1b4aca4e8854caceaee9998e80c7e240d9a8d8a30139135e17ca

Request headers

Referer: https://img.scupio.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 06:23:46 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 prebid.json Show response
ad.holmesmind.com/adserver/ Frame DD89 0
219 B 1216ms
269ms XHR
text/html 35.75.110.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/prebid.json?cb=1644560625354&hb=1&ver=1.21
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.75.110.87 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-75-110-87.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://img.scupio.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://img.scupio.com
date: Fri, 11 Feb 2022 06:23:46 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

POST
H3 204 csi
csi.gstatic.com/ Frame 8CA8 0
17 B 85ms
41ms Ping
image/gif 2a00:1450:400f:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kzi0xo6t&chm=1&ctx=2&gqid=8AAGYoTWKduPrASY5YyoBg&qqid=CM_n4t6B9_UCFULJuwgdZhUGrA&met.4=fb.2p~lb.7x~ol.8w~bdt.-1sz~bpp.-si~idt.-ld~dtd.-kx~dt.-sm&met.3=200.2o_7~555.82~556.82~749.8u_2~736.8x~735.94_1~734.ca~735.d3_1~113.d6_1~112.d6_1&met.1=1.kzi0xntn~6.1~7.1~8.1~9.1~10.1~12.2~13.14~14.15~15.26~16.7x~17.7x~18.7x~19.8o~20.8o~21.8w~22.4f~23.4f&met.7=CAwQCBgBKAEwKDjAAmgCcCh4sCaAAYQkiAHwULABAbgBAw~CBwQChgBIGQoZDDqATiGAWiNAXDqAXj8CIAB0AaIAdMLsAEBuAED~CCEQBBgBIGUoZTC2AThRaGVwtQF4rAKwAQG4AQM~CAkQChgBIGUoZTC0AThPaIwBcLEBeLU_gAGJPYgBrJYBsAEBuAED~CB4QChgBIGUoZTDpATiEAWiMAXDoAXjhC4ABtQmIAeERsAEBuAED~CCoQChgBIGYoZjDkATh_~CBwQChgBIGYoZjC7AThWaI0BcLQBeIs0gAHfMYgBv3WwAQG4AQM~CBsQChgBIGYoZjC3AThR~CBcQAhgBIGgoaDDhATh5aI0BcLsBeJiBA4AB7P4CiAHs_gKwAQG4AQM~CCgQChgBIMkCKMkCMLADOGdQyQJY9wJgyQJo9wJwnQN40rYBgAGmtAGIAd3eA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
10 KB 100ms
53ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220209&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

90345a582a40150a1e17eb98703a3dfeb0724ebea5862f8f24d8f7f965cd7621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 06:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9720
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F0DA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

90ms
90ms

Document
text/html

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Feb 2022 06:23:46 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 11 Feb 2022 06:23:46 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 11 Feb 2022 06:23:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DCC 35 KB
13 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 22:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27483
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13554
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 22:45:42 GMT

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 7F4E 60 KB
23 KB 39ms
39ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220209/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 267
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23078
x-xss-protection: 0
server: cafe
etag: 14764030400761178073
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 07:19:18 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 7F4E 0
17 B 42ms
42ms Ping
image/gif 2a00:1450:400f:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&puid=1~kzi0xoa2&chm=1&ctx=2&gqid=8AAGYoTWKduPrASY5YyoBg&qqid=CM7n4t6B9_UCFULJuwgdZhUGrA&met.4=fb.9~lb.3v~ol.58~bdt.-218~bpp.-10r~idt.-tm~dtd.-t6~dt.-10v&met.3=492.d_1~518.44~555.46~556.46~749.57_1~734.85~113.87_1~112.87_1&met.1=1.kzi0xo1w~14.5~15.0~16.5~17.5~18.5~19.5~20.5~21.5&met.7=CBIQBxgBIAooCjBmOFxQClg3YApoN3BleLoIgAGOBogBpiOqAREKD0dvb2dsZSBTYW5zOjQwMLABAbgBAw~CBwQChgBIA0oDTAyOCVoDXAyePwIgAHQBogB0wuwAQG4AQM~CAkQChgBIA4oDjA0OCZoDnAzeLU_gAGJPYgBrJYBsAEBuAED~CB4QChgBIA8oDzA1OCdoD3A0eOELgAG1CYgB4RGwAQG4AQM~CCoQChgBIA8oDzBMOD0~CBwQChgBIA8oDzA3OCloD3A1eIs0gAHfMYgBv3WwAQG4AQM~CBsQChgBIA8oDzA1OCc~CCgQBRgBIDkoOTBhOChoOnBheL0DgAGRAYgBjwGwAQG4AQM~CCgQChgBIMEBKMEBMO8BOC5owQFw6AF40rYBgAGmtAGIAd3eA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:45 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 06:23:45 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3EAF 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 04:35:47 GMT
expires: Sat, 11 Feb 2023 04:35:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 6479
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 211B 783 B
999 B 49ms
48ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14d7d44634d745e532c416d02f3fe714a084233dfd752936c78e848d5cd27391

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5fK/3HUi3tuuxMpSMVnunA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Feb 2022 06:23:46 GMT
date: Fri, 11 Feb 2022 06:23:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-5fK/3HUi3tuuxMpSMVnunA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3EAF 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 22:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13554
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 22:45:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 211B 0
0 92ms
91ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220209&jk=3191616802762528&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3EAF 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_03qWQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 52C5 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszS9pBi_2kxGSzfkUjX_QJD-UuvjwyNiKUGRdsNBzTydxgrxbpH_P0QhFM_zqfk-smRaK8cnBK8Ivi77TSmLmKZHGWt2Onll3Wtmo6dnDEbqW67TK-BA&sai=AMfl-YQUvHlm9fOXGrHaMUQcpu_dwQs73m-WtUIH1Ge3oNhAtNGCStSCeQ1IAs3FHHV4iI02b7AbaNbfQq91&sig=Cg0ArKJSzNwSWnZvCBKCEAE&id=lidar2&mcvt=1000&p=0,0,280,853&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=2319559117&rs=2&la=0&cr=0&vs=4&r=v&rst=1644560624628&rpt=912&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 48ms
48ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220209&jk=3191616802762528&bg=!T0ylTAjNAAbAtJCDwLQ7ACkAdvg8Wkdzd97FxAhGOzePFjyRhs5Rs4A73_Ld_WF5WybQeqA93pfdXQIAAABaUgAAAANoAQeZAsgjynzPn7uHPd2seocTT9NNZTTVIdLFtlzqSf325Sokflal7L_e4jY66IHZKWCYGv9yM3HL_7RUFh0zMIF2Wvux7gltNAEYeUY5Y9ySwlntY-Y_4S9lkXOvNEIe-bRk8fz-kAYsNSJU50AeDt3MXQPO3gyvsN9p5TC98bK_EduJZ0nVRKHzkcKD-qjACjsWGLXnuL-lPfjvY49d0LxngqFG2jo536_Eu3gddQOS3t17pi6KYMUxPj7q9nQs3hidqf1Vvft6br5YVh6N2wPXcl_0bsEkVIHxNfui7C_oyCoJ8o-ZXVLq5ayQqGgfPU-Hvvn6Tf0j-dyc2TkagJ3mmL9WiSCt0jKyB9SYkmvdvUh6ycEeJ0GBTnZhXLycs9gr_r0x66jxRaWTM0ymdvQRCr_bD9SGRZZAPKAnUr2cz33ONr7bV2311HW0Y7dYlcPuUXEMUDrwNv8Hkx_iDC8bhozAf6p0xs_PoNcMpQ3jM8eSnuAKxsvAmDSSo8vbCRRZbDIVNlljoIeW-fIlbGk6qNyOBuvr_Nc3V3m4US-Kfzh9clclbOpSjNkC23K44fBe6uO4o-9OJdTz5-FcLhJzdtkGxDmw2hETTXg1hCkXumti7ERo7uQis0l-VsuLmQvsMjWKThADsPbXMWHK4A5o1p9acez7MKQo6MLp-477CLCRmrQwySQ6vUL6KZyMN_mjVlqXNnzsZHdGfXPF5SDWI08_hVfbn7ayEuVcl1BR4H8GeTBEZi-OGNHvsFIj3npJko2T3YEv3qlg8g0gSVR1JCMBQ_7I6W3yEDkGROHTSoWqBUCjKbnAfGhgmqWygbQ4jOr6ygxU4leFYiaciHYO3FVqG_1rv3CUMYFu8J8jD49ZmCxPzpeK55MtDAZtsDzIFPP3wLpqeSinIP-a7TERXYe8Al9t2DbqIrWh0VEkF-t5lEFXxx7aI0xX

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8CA8 42 B
64 B 50ms
49ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVd04z5-HP8zlCfiTxt156_mUg9lYIDVqaiPLSWRIfWcgaTMLYgzA0CHn8rCOyBfVyMKFlMtemLt6svILmxGtwBn6ZRERB6i-tarx0IrExusv0dGKQZA&sai=AMfl-YQcB4gKf2YXYPMmfmcOX-zPr3AVDhG1MpInFAXg6vMBpLTr4k97l6hRrJzVGNITYkh-1IyPeHtx8Prw&sig=Cg0ArKJSzA02j_fsYjS3EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=132,815,1000,1124,1124&tos=132,683,185,124,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1644560625371&rpt=318&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 47ms
47ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&wpc=ca-pub-6580532459519002&su=app2.atmovies.com.tw&eid=42531398%2C44750773%2C31064733%2C31061691%2C31061693&doc=complete&pg_h=6942&pg_w=1600&pg_hs=6942&c=3&aa_c=0&av_h=229.667&av_w=1113.448&av_a=231232.083&s=514.938&all_s=514.938&b=597.531&all_b=597.531&d=0.099&all_d=0.099&ard=0.062&all_ard=0.062&dt=d

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ 0
17 B 43ms
42ms Ping
image/gif 2a00:1450:400f:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&top=1&puid=1~kzi0xnbd&c=3191616802762528&e=42531398%2C44750773%2C31064733%2C31061691%2C31061693&ctx=1&met.3=164.1yh~165.1ye_4~247.1yj~248.1yj~164.1yj~165.1yi_2~166.1y6_o~166.1yu_2~326.25o_2~216.25m_4~215.25m_4~843.25m_5~779.25t~868.25t~889.260~639.266~914.266~326.267~216.267~215.267~779.268~868.268~889.269~639.26g~914.26g~112.28q_2~629.2aa~158.2ix_a~639.2j8~914.2j8~247.2j8~248.2j8~164.2j9~165.2j8_1~639.2j9~914.2j9~166.2jx_2~429.2nu_1~453.2o2_1~754.2o4~453.2o4~754.2o4_1~453.2o6_1~754.2o7~453.2o7_1~453.2o8_1~453.2o8~453.2o9~454.2o9~454.2oa~454.2oa~453.2oa~753.2oc~353.2ny_f~210.2qp~326.2qq~164.2qq~165.2qq_1~466.2qq_1~326.2qr~164.2qr~165.2qr~466.2qq~522.2qp_2~779.2qs~779.2qs~868.2qs~868.2qs~525.2qu_5~525.2qy_9~639.2r8~914.2r8~639.2r8~914.2r8~264.2r8~264.2rf~264.2sy~264.2tc~264.2tg~264.2tw~264.2u7~264.2va~168.2vd_1~168.2vd_1~168.2vd~168.2vd~168.2vd~168.2vd~168.2vd~168.2vd~168.2vd~168.2ve~168.2ve~168.2ve~168.2ve~168.2ve~264.2vg~264.2vs~264.2w3~264.2wj~264.2yk~264.2yy~168.2z1~168.2z1~168.2z2~168.2z2~168.2z2~168.2z2~168.2z2~168.2z2~168.2z2~168.2z2~168.2z2~168.2z2~168.2z2~168.2z2~264.2z3~273.2zw~264.2zx~264.305~264.30c~264.30p~264.315~264.334~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33d~168.33f~168.33f~168.33f~168.33f~168.33f~168.33f~168.33f~168.33f~168.33f~168.33f~168.33f~264.33f~264.344~264.348~264.34j~113.34l_1~264.34v~264.35b~264.37c~264.37e~264.37m~264.383~264.38k~264.391~264.39h~264.39y~264.3ah~264.3av~264.3be~264.3ci~264.3cx~264.3cy~264.3d6~264.3do~264.3e8~264.3ek~264.3f1~264.3fi~264.3fz~264.3gf~264.3gw~264.3hd~264.3ht~264.3ia~264.3iq~264.3j7~264.3jo~264.3k4~264.3kl~264.3l2~264.3lj~264.3lz~264.3mg~264.3mx~264.3nd_1~264.3nu~264.3ob~264.3or~264.3p8~264.3po~264.3q5~264.3qm~264.3r2~264.3rj~264.3s0~264.3sg~264.3sx~264.3te~264.3tu~264.3ub~264.3us~264.3v9~264.3vp~264.3w6~264.3wm~264.3x3~264.3xk~257.3y1~264.3y1_1~264.3yh&met.7=CBsQCMAB0vCrhg8~CBsQByDaCTjaBMAB8dOYkgw~CBsQCiDaCTjyB8AB0Kbhmgo~CBsQCiDaCTiVA8AB573f5Ag~CBsQCiDaCTjJBMABzr6djgI~CBsQCiDaCTjfBMABiK2p_g4~CBsQCiDaCTjfBMABoLmU0ws~CBsQCiDaCTjkBMABh4fz7Qc~CBsQCiDaCTiUBsABksfDiwM~CBsQCiDaCTiiBsABo7rphg0~CBsQCiDbCTipBsABpMmA0g0~CBsQByDbCTiaA8ABwsn1uwc~CAEQChgBINsJKNsJMNkTOP4JQN4RSOwRUOwRWJISaJIScMsSeOGkA4ABtaIDiAGNwQmwAQG4AQPAAfbmnq4H~CBsQByDbCTiUA8ABj9OluQY~CBsQBiDbCTjXCcAB3ej73wQ~CBsQBiDbCTjYCcABnuHG2ww~CBsQBiCQCzihCMAB-PCA9go~CBsQBiCQCzivCMABv5v8iAg~CBsQCiDZDDjGBsABrvPt6QY~CAIQChgBINoMKNoMMLQUONoHQN4RSOwRUOwRWJISaJIScMkSeO-7AoABw7kCiAGgjwewAQG4AQPAAdG-o48J~CBsQCiDaDDiyBcABjLmd5gE~CBsQAiC1DjiYA8ABzaDomwM~CBIQAhgBILUOKLUOMI0POFhAtQ5ItQ5QtQ5Y2w5o2w5wjA94swmAAYcHiAGBZKoBQAolT3BlbitTYW5zOjQwMCw0MDBpdGFsaWMsNzAwLDcwMGl0YWxpYwoXT3BlbitTYW5zK0NvbmRlbnNlZDo3MDCwAQG4AQPAAfWs0uQF~CBsQCiDdETilAcAB2euw8wo~CBsQAiDgETjlAcAB8fCZ6QY~CBMQAhgBIOERKOERMIATOJ8BQOERSOERUOERWIcSaIcScK8SeJzfAoAB8NwCiAHw3AKqAQ4KCG9wZW5zYW5zEBsYArABAbgBA8ABpqmwxAY~CBMQAhgBIOIRKOIRMNsSOHhQ4xFYiRJoiRJwsBJ48IEBgAHEf4gBxH-qARcKEW9wZW5zYW5zY29uZGVuc2VkEBUYArABAbgBA8AB8sXDugI~CBsQDSCVEzgwwAGAkfKHCA~CCgQDRgBIMcTKMcTMIEUODvAAeKygLkD~CAMQChgBIOcTKOcTMNkVOPIBUOgTWLsUYI4UaLsUcP8UeLXBBoABib8GiAGFhhKwAQG4AQPAAdrSlsQI~CAwQBRgBIPUTKPUTMO0UOHdA9hNI9xNQ9xNYyBRgmxRoyBRw7BR4sCaAAYQkiAHwULABAbgBA8AB2a-p8Qg~CBwQChgBIO4VKO4VMNcWOGhonRZwxBZ476oBgAHDqAGIAaG0A7ABAbgBA8AB4tLGugU~CBwQBhgBIPYVKPYVMNcWOGFQ9hVYnRZg9hVonRZw1xZ4rAKwAQG4AQPAAZSE4rUO~CC8QBxgBIPYVKPYVMPgWOIIBQPYVSPYVUPYVWMkWYJoWaMkWcPcWeJADgAFkiAFrsAEBuAEDwAHttbKwCg~CC8QBxgBIPYVKPYVMPsWOIUBQPYVSPYVUPYVWMsWYJ0WaMsWcPoWeJADgAFkiAFrsAEBuAEDwAGb_4nHBw~CBsQChgBIPMVKPMVMJEXOJ8BQPMVSJAWUJAWWOIWYLUWaOIWcJEXePYDgAHKAYgB2wGwAQG4AQPAAeSq4PAC~CBsQCiDaDDjsDMAByIerzwk~CBsQBSD5GTgawAHIxOLLDQ~CAUQBRgBIP0VKP0VMO4aOPEEaK0WcL0aeNCJBIABpIcEiAGpmRCwAQG4AQPAAZDHsvAI~CAUQBRgBIIUWKIUWMJQbOI4FUIYWWK0WYIYWaK0WcIkbeLf3AYABi_UBiAG9qgWwAQG4AQPAAZDHsvAI~CBsQBiDaDDj5DsAB2_-EgAs~CBwQChgBIPsaKPsaMNwbOGFo_Bpwtxt4vasDgAGRqQOIAbmvCbABAbgBA8ABtc-13QI~CC8QBxgBIOQbKOQbMMQcOF9Q5RtYkxxg5Rtokxxwwxx4kAOAAWSIAWuwAQG4AQPAAe21srAK~CAwQBRgBIOcbKOcbMJAcOClo6Btwjxx4sCaAAYQkiAHwULABAbgBA8ABgtzFlwk~CAwQBRgBIOwbKOwbMJUcOCho7htwlBx4sCaAAYQkiAHwULABAbgBA8ABgtzFlwk~CC8QBxgBIOUbKOUbMMUcOGBQ5RtYkxxg5RtokxxwxRx4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CBsQDSD0GTjwBMAB5uingQw~CBsQCDjRH8AB0vCrhg8~CBsQDSD1GTiwBsAB6MqRwA8~CCcQDRgBINAfKNAfMLwgOGtQ0R9Y_x9g0R9o_x9wtCB4pE6AAfhLiAH9Y7ABAbgBA8AB8_LLrgs~CCcQChgBIL0gKL0gMPMgODfAAeLBm9oF~CCcQBRgBIPsgKPsgMKEhOCfAAZmVn6AL~CBsQBRgBIPwgKPwgMK4hODLAAc_G2uIB~CBwQBhgBIMAmKMAmMPEmODFowSZw8SZ4rAKwAQG4AQPAAZSE4rUO~CBwQBhgBILonKLonMOknODBouidw6Sd4rAKwAQG4AQPAAZSE4rUO&met.1=1.kzi0xl2n~6.0~7.1~8.g6~9.g6~10.lr~12.lr~13.xz~14.195~15.y1~16.2j9~17.2j9~18.2jv~19.34g~20.34g~21.34h~22.1s4~23.1s4
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/rum_fy2019.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400f:800::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://app2.atmovies.com.tw/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9862 153 KB
53 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39db767587d4955d9a867ed89b129f39c614fa1f4a7399fc64b14d908e979ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53871
x-xss-protection: 0
server: cafe
etag: 17092701474768453411
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 06:23:47 GMT

POST
H/1.1 200
OK bidinfo.aspx Show response
bw.scupio.com/adpinline/ Frame DD89 2 KB
2 KB 803ms
202ms XHR
application/javascript 210.59.219.180
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.4788681618031576
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 210.59.219.180 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 69199efc7a0c5a7c74c99a46668105fdf6ee890731a7308e2dcba5553e2f3c7f

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://img.scupio.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Fri, 11 Feb 2022 06:23:47 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
P3P: CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin: https://img.scupio.com
Cache-Control: private
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Content-Length: 1474

GET
DATA 200
OK truncated
/ Frame DD89 762 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ Frame DD89 85 KB
27 KB 46ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.113.js

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Feb 2022 06:23:47 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/ Frame 9862 290 KB
104 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4866695676912380&plah=img.scupio.com&bust=31064772

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a233318e5d99cea088aad43dcdad12b3d4763f9c108df13d73588e60db0cc14a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106757
x-xss-protection: 0
server: cafe
etag: 4276271751027202278
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 11 Feb 2022 06:23:47 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame F547 13 KB
5 KB 50ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=app2.atmovies.com.tw

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2135
date: Fri, 11 Feb 2022 06:23:47 GMT
content-length: 5147
strict-transport-security: max-age=31536000; preload;

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame DD89 90 KB
28 KB 56ms
29ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 09:04:35 GMT
server: nginx
etag: W/"61f7a623-16685"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 12 Feb 2022 06:23:47 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9862 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=img.scupio.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202202070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4866695676912380&plah=img.scupio.com&bust=31064772

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9862 107 B
122 B 48ms
48ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=img.scupio.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 36EC 26 KB
12 KB 293ms
292ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e36cee99e6301eeb9d1d1af29a14f8e32757185ef4576c68a4b8a6276701f310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 11 Feb 2022 06:23:47 GMT
server: cafe
content-length: 12100
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9862 12 KB
10 KB 52ms
52ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220209&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22bfb184ddc5aacc316cc9705911968276a7cecf1cb9abb46ee38cac34580caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9717
x-xss-protection: 0

GET
H2

200

sid Show response
mug.criteo.com/ Frame F547
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=app2.atmovies.com.tw&lsw=1
https://mug.criteo.com/sid?cpp=sjO1znwxVEZMa3NyMVFhMDA3SkhaZ3cyNjVidmxWL2Q1citZL1pET1hsK3NrTGh1bkd5VlZRRDVOS3ptKzQrT2Q4NFZkNmhqc29mY01LcGpkcVo2Y01ndG5vdjA3Zjk1Nitob0hDbEVmRTVoL2YwSS9IYW1RVHAvMkpYMX...

428 B
630 B

57ms
16ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=sjO1znwxVEZMa3NyMVFhMDA3SkhaZ3cyNjVidmxWL2Q1citZL1pET1hsK3NrTGh1bkd5VlZRRDVOS3ptKzQrT2Q4NFZkNmhqc29mY01LcGpkcVo2Y01ndG5vdjA3Zjk1Nitob0hDbEVmRTVoL2YwSS9IYW1RVHAvMkpYMXNleVpML1VSaTdCaEpKblZCOWhEb2JaSlJpSHppMi9zay9OSkt1NjhURzNhZjU3WXRlLzZobWg3VkMyNlN0bUVITE14VFpBSTExNGVvOTEza2ZjSTd1b0k3aS9wME03RTFoWU5oN1JHUTdMV3VzamRiR3dLS3BiTTl3U3dTcHhTK2Q3Rk5Sc1ZDWWMxa1NGYzE0OXIvM08zN3ZFWUJrMGhTR28wNkJYSFRURzRNZzRldFRmMD18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

aef8c5f433fd61f37461a4cb8443d315f367ad7e9de19e65676f71fdcf7af7c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:46 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4254
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:47 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=sjO1znwxVEZMa3NyMVFhMDA3SkhaZ3cyNjVidmxWL2Q1citZL1pET1hsK3NrTGh1bkd5VlZRRDVOS3ptKzQrT2Q4NFZkNmhqc29mY01LcGpkcVo2Y01ndG5vdjA3Zjk1Nitob0hDbEVmRTVoL2YwSS9IYW1RVHAvMkpYMXNleVpML1VSaTdCaEpKblZCOWhEb2JaSlJpSHppMi9zay9OSkt1NjhURzNhZjU3WXRlLzZobWg3VkMyNlN0bUVITE14VFpBSTExNGVvOTEza2ZjSTd1b0k3aS9wME03RTFoWU5oN1JHUTdMV3VzamRiR3dLS3BiTTl3U3dTcHhTK2Q3Rk5Sc1ZDWWMxa1NGYzE0OXIvM08zN3ZFWUJrMGhTR28wNkJYSFRURzRNZzRldFRmMD18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1905
content-length: 567
expires: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9862 17 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 06:23:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E8D1 13 KB
5 KB 37ms
36ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 11 Feb 2022 04:35:47 GMT
expires: Sat, 11 Feb 2023 04:35:47 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 6480
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EFD4 783 B
535 B 98ms
48ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1ccfa6320460899399dad32620c42c4d78d758a1f82ad8d7c62b5337324c35cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-J20P6xr3S2U+sk/1ZvBEog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 11 Feb 2022 06:23:47 GMT
date: Fri, 11 Feb 2022 06:23:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-J20P6xr3S2U+sk/1ZvBEog' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 -KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js Show response
pagead2.googlesyndication.com/bg/ Frame E8D1 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-KWncqjjGzUwfkE9Iz7kKrmGQUyasx7mQMa73T4tfiM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 10 Feb 2022 22:45:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13554
x-xss-protection: 0
last-modified: Tue, 08 Feb 2022 16:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 10 Feb 2023 22:45:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EFD4 0
0 91ms
91ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220209&jk=2580302469599475&rc=
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E8D1 0
9 B 36ms
36ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t7igBA
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:47 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK js Show response
tags.mathtag.com/notify/ Frame 36EC 3 KB
2 KB 86ms
48ms Script
application/x-javascript 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldReVkyRmxZamd0T1dZNU9DMHdNekV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMDA1NDQyMjgxNTE5Mzg5MzIvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWjUwN0tMS2pBTjBpMlB5eUl6TFlXcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MTAwNTQ0MjI4MTUxOTM4OTMyL3pyaC8wLzIxMC8zMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0NDU2MDYyNy8xNjQ0NTczMjI3LzQvcHViLTQ4NjY2OTU2NzY5MTIzODAv/BcJgATiFWvMggaw73goZ5UgdLdE&nodeid=338&group=zrh&auctionid=5100544228151938932&shardkey=5100544228151938932&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%26client%3Dca-pub-4866695676912380%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.1 /
Resource Hash: fd8c1e52950e26a16d004c782427f663daea358307525226bdf2d9f8d21459d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Content-Encoding: gzip
x-mm-bid-request-time: 1644560627
Last-Modified: Fri, 11 Feb 2022 06:23:47 GMT
Server: MMBD/3.300.1
x-mm-latency: 33 (1)
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
x-mm-dbg: Count
Cache-Control: no-cache
x-mm-host: cdg-router-x93, zrh-bidder-x39
Connection: close
Content-Type: application/x-javascript; charset=UTF-8
Expires: Fri, 11 Feb 2022 06:23:47 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 36EC 2 KB
1 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 257
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:19:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 36EC 124 KB
38 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38562
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1644410386637351"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 11 Feb 2022 06:23:47 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 36EC 15 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:19:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6367
x-xss-protection: 0
server: cafe
etag: 17798303060702513824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 25 Feb 2022 06:19:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 36EC 0
0 47ms
46ms Image
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQiu2ujff4QmbqImvONQTkOl9Cn-nNTuR8uEon6CXuvm8gfO11e8FHG8IkHdbYZhR7UZna_kiruqqlBY5-kmkZxXCt7IQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 36EC 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CY9VZ8wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBOsBT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAuBwEzfR0IbYLS1G6fAbkJF_7PiYvejKb9pI0T0eRDF0vgFOQwuzYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ4NjY2OTU2NzY5MTIzODAYyuUV&sigh=V69U-n-50oU&uach_m=[UACH]&cid=CAQSKQCNIrLMWYF9ZwFyc8JI2yL0AIJ4e7Ig6ebaMf_KVGStrBkrpyQJQ7w9GAE&tpd=AGWhJmvsC0fmYjWgVSotZ_ELoHUCHdH-cIHs1AylCyTHzzov2_X--33_ptUnPQpwkpVvttJgwtoHtPG-cpmcgGtO9wtwC6y-My9oeSHWzYB7mzMRwAfhNQgXLr6Ml19a5keKskOF8WBAKuA-uOJrDjCbx0EIQWTp_tnnZx5rH7sHdxY3vyrYBRun57fE13PRnnr3SDu2WlUrZkJaT8K6CXhPiH6ULhi59BiNHcOi0mzajpjbyZQ4HHz0MKv5sSXeMbtQ9nHwpJYamWGhaovsJiENtDQLsUbgalWptFuJ7RjUjAE3X13ML7xHf1ddicj35gN_vdXqI8edg1_Jr_kfoaTNBIxOnw-RquNpO0Qfr-CjIONP8VEMtH8DM13LAbpZ4oE7G6omATgHnGW1_1tRhCziUKbyLBrOdC-lie8KYRKEQWtRtPR-EPplCadNQHNHgyZJRChkgeCC_1trZAVMmeV6bRf3qmqaFNdtPOwk49vMzMyJL3zCLnMAfTTW0LApQsX_ckoHrM_hGKa3V6Hwza7dbUJROAby1NbKjtE2k2URs6-nW8060xyRI3ELwLJA8U1gFkrq1mYsKZizFszcQfhgPW2u5HFZLimZADgl8svJeziQJZfKECdIFT6NTEuWrdnUQN1KRKjnSwkl-2qqY1tI7m4ygKP2yuTDYdIkL55FPdiFzqzgGv4Hyf75_pouFXeg7rQMOdVLVQuYM3pY9MOVpSm40O23G8Kidwjixq4W0K7JAhHXBPdTFoeCbadESNMn35Lzs3RMMBvix8uhIXhOiP_e5Hsb0HGrBm9NBa81N--mbs573cZCAFGQgb1iyOnETXR32x9a0MTsAxOxHrJEVWtHAbdhtOog7PBJknp4pnyku4eIC1PXFA08eZUSb3BouD_3PZ8cMnRyuaaEOHKjWxrSZ9Kpb6VGO2laDaDzXDqGam2laY1UZ2fzK4_rUOkkWafIl-rrk_7p5d3n_-tTZoNkBJ5gcwKVnuZUaEGaP0lrfyDI9ptWUd5Xf8PHnt7__e3n_4maGTv_AXvA_GagELuCNnyP7egAPXISQ8Zl2sNnH9eNQ6Gp9kJjeurGQHXcjA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 11 Feb 2022 06:23:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK 01qrvgnrrbds Show response
hal9000.redintelligence.net/zone/ Frame 36EC 10 KB
3 KB 43ms
12ms Script
text/html 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=5100544228151938932&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYgYA8wALZw0K7f-dQgY48g%26mt_aid%3D5100544228151938932%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_cid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%2526client%253Dca-pub-4866695676912380%2526adurl%253D%26redirect%3D
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 2d679b9ebde19e21e5803acd7d27bb26815ae4100c92f0bb2e6a8d7bde66c4cb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 3353
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK ck-confirm
tags.mathtag.com/ Frame 36EC 49 B
329 B 62ms
34ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/ck-confirm?bid_id=5100544228151938932&node_id=338&exch_id=4
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldReVkyRmxZamd0T1dZNU9DMHdNekV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMDA1NDQyMjgxNTE5Mzg5MzIvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWjUwN0tMS2pBTjBpMlB5eUl6TFlXcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MTAwNTQ0MjI4MTUxOTM4OTMyL3pyaC8wLzIxMC8zMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0NDU2MDYyNy8xNjQ0NTczMjI3LzQvcHViLTQ4NjY2OTU2NzY5MTIzODAv/BcJgATiFWvMggaw73goZ5UgdLdE&nodeid=338&group=zrh&auctionid=5100544228151938932&shardkey=5100544228151938932&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%26client%3Dca-pub-4866695676912380%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Server: MMBD/3.300.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x41, zrh-bidder-x39
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 11 Feb 2022 06:23:47 GMT

GET
H/1.1 200
OK analytics.js Show response
s.update.mediamathtag.com/2/619621/ Frame 36EC 7 KB
3 KB 151ms
29ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//app2.atmovies.com.tw/film/extend/fphk2105530003&ui=5d2caeb8-9f98-0312-0000-000000000000&ap=&ti=5100544228151938932&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&pp=pub-4866695676912380&sr=4&de=43003&si=410147113&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a03:1b20:6::&r2=&r3=

Requested by

Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldReVkyRmxZamd0T1dZNU9DMHdNekV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMDA1NDQyMjgxNTE5Mzg5MzIvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWjUwN0tMS2pBTjBpMlB5eUl6TFlXcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MTAwNTQ0MjI4MTUxOTM4OTMyL3pyaC8wLzIxMC8zMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0NDU2MDYyNy8xNjQ0NTczMjI3LzQvcHViLTQ4NjY2OTU2NzY5MTIzODAv/BcJgATiFWvMggaw73goZ5UgdLdE&nodeid=338&group=zrh&auctionid=5100544228151938932&shardkey=5100544228151938932&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%26client%3Dca-pub-4866695676912380%26adurl%3D

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

405bd8e7ec691f5cf5517a894b54dbff001cfff31fd8625abfb768e55813eac7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 06:23:47 GMT
Content-Encoding: gzip
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: *
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache, no-store, must-revalidate, no-transform, private, max-age=0
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 3022
Expires: 0

GET
H/1.1 200
OK img
pixel.mathtag.com/event/ Frame 36EC 43 B
405 B 66ms
36ms Image
image/gif 2.18.233.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/event/img?mt_id=1368875&mt_adid=216764&v1=4&v2=5100544228151938932&v3=651871&v4=4562306&v5=6622326&mt_nsync=1&no_attr=1
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldReVkyRmxZamd0T1dZNU9DMHdNekV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMDA1NDQyMjgxNTE5Mzg5MzIvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWjUwN0tMS2pBTjBpMlB5eUl6TFlXcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MTAwNTQ0MjI4MTUxOTM4OTMyL3pyaC8wLzIxMC8zMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0NDU2MDYyNy8xNjQ0NTczMjI3LzQvcHViLTQ4NjY2OTU2NzY5MTIzODAv/BcJgATiFWvMggaw73goZ5UgdLdE&nodeid=338&group=zrh&auctionid=5100544228151938932&shardkey=5100544228151938932&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%26client%3Dca-pub-4866695676912380%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-201.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Server: MT3 4133 baa842e master cdg-pixel-x15 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 11 Feb 2022 06:23:47 GMT

GET
H/1.1 200
OK img
tags.mathtag.com/event/ Frame 36EC 49 B
329 B 53ms
25ms Image
image/gif 185.29.134.249
MEDIAMATH-INC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.mathtag.com/event/img?type=mmImpTrack&exch=adx&bid=5100544228151938932&st=4562306&time=1644560627&nodeid=338
Requested by: Host: tags.mathtag.com
URL: https://tags.mathtag.com/notify/js?exch=adx&s_exch=adx&id=5aW95q2jLzIzLyAvTldReVkyRmxZamd0T1dZNU9DMHdNekV5TFRBd01EQXRNREF3TURBd01EQXdNREF3LzUxMDA1NDQyMjgxNTE5Mzg5MzIvNjYyMjMyNi80NTYyMzA2LzQvVk5HUC1tNkRnUUNLVVAyci1zajItWjUwN0tMS2pBTjBpMlB5eUl6TFlXcy8xLzQvMC8wLzk1NjgwMy8wLzIxNjUzNi82NTE4NzEvMS8wLzAvTURBd01EQXdNREF0TURBd01DMHdNREF3TFRBd01EQXRNREF3TURBd01EQXdNREF3LzAvMC8wLzAvMC81MTAwNTQ0MjI4MTUxOTM4OTMyL3pyaC8wLzIxMC8zMC85OTkvMzIyLzJhMDM6MWIyMDo2OjovMC4wMDAvMTY0NDU2MDYyNy8xNjQ0NTczMjI3LzQvcHViLTQ4NjY2OTU2NzY5MTIzODAv/BcJgATiFWvMggaw73goZ5UgdLdE&nodeid=338&group=zrh&auctionid=5100544228151938932&shardkey=5100544228151938932&sid=4562306&cid=6622326&bp=a_bgiccg&nfy_act=LD5weg&type=adm&client=c2s&bfip=185.29.132.71&3pck=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%26client%3Dca-pub-4866695676912380%26adurl%3D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.29.134.249 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software: MMBD/3.300.1 /
Resource Hash: 1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Server: MMBD/3.300.1
Content-Type: image/gif
Cache-Control: no-cache
x-mm-host: cdg-router-x86, zrh-bidder-x39
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 49
Expires: Fri, 11 Feb 2022 06:23:47 GMT

GET
H/1.1 200
OK request.php Show response
hal90005.redintelligence.net/ Frame 36EC 3 KB
2 KB 145ms
109ms Script
application/x-javascript 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a0aeb50277&subid=&uid=ba7935dcedc03cbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYgYA8wALZw0K7f-dQgY48g%26mt_aid%3D5100544228151938932%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_cid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%2526client%253Dca-pub-4866695676912380%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4866695676912380%26output%3Dhtml%26h%3D250%26slotname%3D4083490061%26adk%3D1796691117%26adf%3D3407277733%26pi%3Dt.ma~as.4083490061%26w%3D300%26fwrn%3D16%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fapp2.atmovies.com.tw%252Ffilm%252Fextend%252Ffphk2105530003%252F%26ea%3D0%26flash%3D0%26wgl%3D1%26dt%3D1644560627455%26bpp%3D3%26bdt%3D1632%26idt%3D129%26shv%3Dr20220209%26mjsv%3Dm202202070101%26ptt%3D9%26saldr%3Daa%26correlator%3D3285008017951%26frm%3D24%26ife%3D1%26pv%3D2%26ga_vid%3D1524960524.1644560628%26ga_sid%3D1644560628%26ga_hid%3D1660094509%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D300%26ish%3D250%26ifk%3D1787431411%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D42531398%252C182982100%252C182982300%252C31062423%252C31064772%252C44756895%26oid%3D2%26pvsid%3D2580302469599475%26pem%3D698%26tmod%3D541231473%26uas%3D0%26nvt%3D1%26loc%3DEMPTY%26top%3Dhttp%253A%252F%252Fapp2.atmovies.com.tw%252F%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.oii5sdg0ptog%26fsb%3D1%26dtd%3D159&ancestorOrigins=null&random=8787741280431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by: Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/01qrvgnrrbds?subid=&gdpr=1&gdpr_consent=li&rnd=5100544228151938932&extVar[]=DOUBLEBORDER:1&extVar[]=MMA_SSP:adx&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYgYA8wALZw0K7f-dQgY48g%26mt_aid%3D5100544228151938932%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_cid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%2526client%253Dca-pub-4866695676912380%2526adurl%253D%26redirect%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 36c89a76de66ef92ad694258272089f24cf0cb8f5cf449641d8f465bc146c714

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 06:23:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 22170800027226400951393011867005
Connection: close
Content-Type: application/x-javascript; charset=utf-8
Content-Length: 1132
Expires: Fri, 11 Feb 2022 06:23:48 +0100

GET
H2 200 ls.html Show response
img.scupio.com/html/ Frame D29F 1 KB
1 KB 8ms
7ms Document
text/html 65.9.7.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.scupio.com/html/ls.html
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.7.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-7-97.fra56.r.cloudfront.net
Software: nginx/1.12.1 /
Resource Hash: 204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/html/ad.html?v=1.0.61

Response headers

content-type: text/html; charset=utf-8
server: nginx/1.12.1
last-modified: Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin: *
content-encoding: gzip
date: Fri, 11 Feb 2022 05:27:41 GMT
expires: Fri, 18 Feb 2022 05:26:31 GMT
cache-control: max-age=604800
etag: W/"583295c9-4dc"
x-cache: Hit from cloudfront
via: 1.1 5ab5e654a3dc7079aad7ac64ec697d82.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: hZJDfrr0vuTY0Sn33_YqdsBo4YR8dpUbOiReYBwPZwKV0iIMoYgaTQ==
age: 3437

GET
H/1.1

200
OK

ggid.aspx Show response
rec.scupio.com/recweb/ Frame C2AD
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q05BMjAyMjAyMTExNDIzNDgxNTY1Mg%3d%3d&layout=js
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEDjYAF1x_Ri-RHntmREDDDk&google_cver=1&google_ula=3918219,0

0
550 B

1053ms
200ms

Script
text/javascript

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEDjYAF1x_Ri-RHntmREDDDk&google_cver=1&google_ula=3918219,0
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61
Protocol: HTTP/1.1
Server: 210.59.219.175 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:49 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: text/javascript
Content-Length: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEDjYAF1x_Ri-RHntmREDDDk&google_cver=1&google_ula=3918219,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E1BF
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

281 B
554 B

37ms
7ms

Document
text/html

104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by: Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 14 Dec 2021 23:07:59 GMT
ETag: "40014-119-5d32342a551c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 11 Feb 2022 06:23:48 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

server: AkamaiGHost
content-length: 0
location: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
date: Fri, 11 Feb 2022 06:23:48 GMT
access-control-allow-credentials: true
access-control-allow-origin: *

GET
H2 200 /
www.facebook.com/tr/ Frame C2AD 44 B
295 B 24ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.61&rl=&if=true&ts=1644560628158&cd[SBST]=19&cd[PuID]=atMovies

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 11 Feb 2022 06:23:48 GMT

GET
H/1.1

200
OK

uxid.aspx
rec.scupio.com/recweb/ Frame C2AD
Redirect Chain

https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CNA2022021114234815652
https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID

35 B
580 B

865ms
201ms

Image
image/gif

210.59.219.175
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Requested by: Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61
Protocol: HTTP/1.1
Server: 210.59.219.175 Zhonghe, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:49 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control: private
Content-Type: image/gif
Content-Length: 35

Redirect headers

Location: https://rec.scupio.com/recweb/uxid.aspx?id=UCFUID
Date: Fri, 11 Feb 2022 06:23:48 GMT
Connection: close
Content-Length: 71
Vary: Accept, Accept-Encoding
Content-Type: text/plain; charset=utf-8

GET
H2

200

view.aspx Show response
pb.media01.eu/ Frame A744
Redirect Chain

https://pv.medialead.de/trck/epv/e99aace94e6e5873830a7df8deda4aa6?subid=22170800027226400951393011867005&t=htlp
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22170800027226400951393011867005&actionid=981741&produktid=&dt_url=

0
629 B

145ms
112ms

Document
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22170800027226400951393011867005&actionid=981741&produktid=&dt_url=

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a0aeb50277&subid=&uid=ba7935dcedc03cbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYgYA8wALZw0K7f-dQgY48g%26mt_aid%3D5100544228151938932%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_cid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%2526client%253Dca-pub-4866695676912380%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4866695676912380%26output%3Dhtml%26h%3D250%26slotname%3D4083490061%26adk%3D1796691117%26adf%3D3407277733%26pi%3Dt.ma~as.4083490061%26w%3D300%26fwrn%3D16%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fapp2.atmovies.com.tw%252Ffilm%252Fextend%252Ffphk2105530003%252F%26ea%3D0%26flash%3D0%26wgl%3D1%26dt%3D1644560627455%26bpp%3D3%26bdt%3D1632%26idt%3D129%26shv%3Dr20220209%26mjsv%3Dm202202070101%26ptt%3D9%26saldr%3Daa%26correlator%3D3285008017951%26frm%3D24%26ife%3D1%26pv%3D2%26ga_vid%3D1524960524.1644560628%26ga_sid%3D1644560628%26ga_hid%3D1660094509%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D300%26ish%3D250%26ifk%3D1787431411%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D42531398%252C182982100%252C182982300%252C31062423%252C31064772%252C44756895%26oid%3D2%26pvsid%3D2580302469599475%26pem%3D698%26tmod%3D541231473%26uas%3D0%26nvt%3D1%26loc%3DEMPTY%26top%3Dhttp%253A%252F%252Fapp2.atmovies.com.tw%252F%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.oii5sdg0ptog%26fsb%3D1%26dtd%3D159&ancestorOrigins=null&random=8787741280431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

88.198.250.30 Baienfurt, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
content-type: text/html; charset=UTF-8
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Fri, 11 Feb 2022 07:23:47 GMT
server: Microsoft-IIS/10.0
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin: *
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Fri, 11 Feb 2022 06:23:46 GMT
content-length: 0

Redirect headers

Server: nginx/1.17.5
Date: Fri, 11 Feb 2022 06:23:48 GMT
Content-Type: application/javascript
Content-Length: 0
Keep-Alive: timeout=20
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=22170800027226400951393011867005&actionid=981741&produktid=&dt_url=
Host: pv.medialead.de
Proxy-Host: pv.medialead.de
X-IPLB-Request-ID: B9D59BA4:E0F8_91EFC182:01BB_620600F4_49EDA8B:1E71B
Strict-Transport-Security: max-age=15768000
X-IPLB-Instance: 40027

GET
H2

200

htlp Show response
futalis.de/ Frame 64CC
Redirect Chain

https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=22170800027226400951393011867005&ra_cnt_active=1&ra_cnt=1
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1207393666

350 B
409 B

50ms
16ms

Document
text/html

167.233.14.134
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1207393666
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a0aeb50277&subid=&uid=ba7935dcedc03cbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYgYA8wALZw0K7f-dQgY48g%26mt_aid%3D5100544228151938932%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_cid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%2526client%253Dca-pub-4866695676912380%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4866695676912380%26output%3Dhtml%26h%3D250%26slotname%3D4083490061%26adk%3D1796691117%26adf%3D3407277733%26pi%3Dt.ma~as.4083490061%26w%3D300%26fwrn%3D16%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fapp2.atmovies.com.tw%252Ffilm%252Fextend%252Ffphk2105530003%252F%26ea%3D0%26flash%3D0%26wgl%3D1%26dt%3D1644560627455%26bpp%3D3%26bdt%3D1632%26idt%3D129%26shv%3Dr20220209%26mjsv%3Dm202202070101%26ptt%3D9%26saldr%3Daa%26correlator%3D3285008017951%26frm%3D24%26ife%3D1%26pv%3D2%26ga_vid%3D1524960524.1644560628%26ga_sid%3D1644560628%26ga_hid%3D1660094509%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D300%26ish%3D250%26ifk%3D1787431411%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D42531398%252C182982100%252C182982300%252C31062423%252C31064772%252C44756895%26oid%3D2%26pvsid%3D2580302469599475%26pem%3D698%26tmod%3D541231473%26uas%3D0%26nvt%3D1%26loc%3DEMPTY%26top%3Dhttp%253A%252F%252Fapp2.atmovies.com.tw%252F%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.oii5sdg0ptog%26fsb%3D1%26dtd%3D159&ancestorOrigins=null&random=8787741280431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: lb-2.futalis.de
Software: /
Resource Hash: 582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

content-length: 350
content-type: text/html; charset=utf-8

Redirect headers

date: Fri, 11 Feb 2022 06:23:48 GMT
server: Apache
p3p: policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
location: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1207393666
content-length: 0
content-type: text/html; charset=utf-8

GET
H3

200

activityi;dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512 Show response
8019191.fls.doubleclick.net/ Frame 86CC
Redirect Chain

https://8019191.fls.doubleclick.net/activityi;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512?
https://8019191.fls.doubleclick.net/activityi;dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512?

391 B
346 B

104ms
57ms

Document
text/html

142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8019191.fls.doubleclick.net/activityi;dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512?

Requested by

Host: app2.atmovies.com.tw
URL: http://app2.atmovies.com.tw/film/extend/fphk2105530003/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

67879d3fa53f398ab9f09a5a8c3fb1d13e9a7e5b9b4ed27e27e679e273f8dfb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 06:23:48 GMT
expires: Fri, 11 Feb 2022 06:23:48 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 323
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 11 Feb 2022 06:23:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8019191.fls.doubleclick.net/activityi;dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK request_content.php Show response
hal90005.redintelligence.net/ Frame 2EB6 7 KB
2 KB 37ms
15ms Document
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/request_content.php?s=22170800027226400951393011867005&a=050836a4
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=01qrvgnrrbds&nw=20&renderingType=javascript&namespace=a0aeb50277&subid=&uid=ba7935dcedc03cbf&screenSize=0x0&screenSizeAvail=0x0&clientSize=0x0&scrollPos=0x0&extData[]=&extVar[]=DOUBLEBORDER%3A1&extVar[]=MMA_SSP%3Aadx&envData=&gdpr=1&gdpr_consent=li&ud=&redirectClick=https%3A%2F%2Fpixel.mathtag.com%2Fclick%2Fimg%3Fexch_aid%3DYgYA8wALZw0K7f-dQgY48g%26mt_aid%3D5100544228151938932%26mt_id%3D6622326%26mt_adid%3D216536%26mt_sid%3D4562306%26mt_exid%3D4%26mt_inapp%3D0%26mt_os%3DWindows%26mt_uuid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_cid%3D6d3e6206-00f3-4e01-b8ab-503b0c5bb58f%26mt_3pck%3Dhttps%253A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCPFx58wAGYpXZJ8PytweaxqCgCs-HjptcwIbZgsYCwI23ARABIABgleKQgqAHggEXY2EtcHViLTQ4NjY2OTU2NzY5MTIzODDIAQmoAwGqBO4BT9BQqH6ISHq4GuFuBR7szHSPnvzv6hN6r6m0FyLWbw5etDywVcVojNKDDlqDz2ClDqkKwvyuHmkFRKrGC00iizfvLrTxO_Tf2xJNAvIsOp2yzbXzEPC3xaNZyI6gsl-KSEFrlVcQ_WS9q0ORocRxXQ87jOWz5Lo0LoWX9X8CIVfvPqT1cWcXHtYluMudaC2zgN0k3qbu2bEGbkZPYTJH-InrnSQVNKw9U1JT3uJi4_njuKjJnlxxL2DpESBkT5g2iIJteAvDwm1N6_6_ZzkRUwwYLu214qfo3v2NMV7U4wRbg7Hb_uCroLApQD9iTYAGkKXs7-GYgM7XAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_3QBC91Z1uyEYsLxp9wIigKiujVCA%2526client%253Dca-pub-4866695676912380%2526adurl%253D%26redirect%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-4866695676912380%26output%3Dhtml%26h%3D250%26slotname%3D4083490061%26adk%3D1796691117%26adf%3D3407277733%26pi%3Dt.ma~as.4083490061%26w%3D300%26fwrn%3D16%26psa%3D0%26format%3D300x250%26url%3Dhttp%253A%252F%252Fapp2.atmovies.com.tw%252Ffilm%252Fextend%252Ffphk2105530003%252F%26ea%3D0%26flash%3D0%26wgl%3D1%26dt%3D1644560627455%26bpp%3D3%26bdt%3D1632%26idt%3D129%26shv%3Dr20220209%26mjsv%3Dm202202070101%26ptt%3D9%26saldr%3Daa%26correlator%3D3285008017951%26frm%3D24%26ife%3D1%26pv%3D2%26ga_vid%3D1524960524.1644560628%26ga_sid%3D1644560628%26ga_hid%3D1660094509%26ga_fc%3D0%26nhd%3D2%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D-12245933%26ady%3D-12245933%26biw%3D-12245933%26bih%3D-12245933%26isw%3D300%26ish%3D250%26ifk%3D1787431411%26scr_x%3D-12245933%26scr_y%3D-12245933%26eid%3D42531398%252C182982100%252C182982300%252C31062423%252C31064772%252C44756895%26oid%3D2%26pvsid%3D2580302469599475%26pem%3D698%26tmod%3D541231473%26uas%3D0%26nvt%3D1%26loc%3DEMPTY%26top%3Dhttp%253A%252F%252Fapp2.atmovies.com.tw%252F%26eae%3D2%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D23%26ifi%3D1%26uci%3D1.oii5sdg0ptog%26fsb%3D1%26dtd%3D159&ancestorOrigins=null&random=8787741280431&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 09acf4d3078ffcb58b66beea34904494fc590b146198775083ea55641603d3fa

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Server: Apache
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Expires: Fri, 11 Feb 2022 06:23:48 +0100
Pragma: no-cache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2040
Connection: close
Content-Type: text/html; charset=utf-8

GET
H/1.1

200
OK

native.png
ad-server.eu/wm/pb/ Frame 36EC
Redirect Chain

https://pv.medialead.de/trck/eview/e99aace94e6e5873830a7df8deda4aa6?subid=22170800027226400951393011867005
https://ad-server.eu/wm/pb/native.png

68 B
312 B

144ms
27ms

Image
image/png

54.76.176.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-server.eu/wm/pb/native.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
Protocol: HTTP/1.1
Server: 54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) /
Resource Hash: 93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:29:24 GMT
Last-Modified: Sat, 21 Dec 2019 23:06:59 GMT
Server: nginx/1.4.6 (Ubuntu)
ETag: "5dfea593-44"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68

Redirect headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: B9D59BA4:E0FA_91EFC182:01BB_620600F4_49FC53A:157AD
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40028
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type: text/html; charset=UTF-8
Location: https://ad-server.eu/wm/pb/native.png
Cache-control: private
Transfer-Encoding: chunked
Keep-Alive: timeout=20

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 36EC 43 B
702 B 91ms
69ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=22170800027226400951393011867005&pv=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 06:23:48 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E546 1 KB
749 B 39ms
39ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Fri, 11 Feb 2022 05:53:44 GMT
expires: Sat, 12 Feb 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 1804
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 36EC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 06ad76d14c9165fa3b281f1d032fa8baed744e042d7101e5919f8dab77b52299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: image/png

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 115ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?oz_pl=1&dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//app2.atmovies.com.tw/film/extend/fphk2105530003&ui=5d2caeb8-9f98-0312-0000-000000000000&ap=&ti=5100544228151938932&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&pp=pub-4866695676912380&sr=4&de=43003&si=410147113&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a03:1b20:6::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1 200
OK main.js Show response
s.update.mediamathtag.com/2/2.47.2/ Frame 36EC 153 KB
48 KB 28ms
28ms Script
text/javascript 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s.update.mediamathtag.com/2/2.47.2/main.js

Requested by

Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//app2.atmovies.com.tw/film/extend/fphk2105530003&ui=5d2caeb8-9f98-0312-0000-000000000000&ap=&ti=5100544228151938932&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&pp=pub-4866695676912380&sr=4&de=43003&si=410147113&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a03:1b20:6::&r2=&r3=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-203-96-5.eu-west-1.compute.amazonaws.com

Software

Resource Hash

8d17593bcc84ed3a08551f9de0f3abd3dd923b3316e356cac54b58ee6461c596

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:47 GMT
Content-Encoding: br
Accept-Ch: Viewport-Width, Width, DPR, RTT, ECT, Device-Memory, Downlink, Save-Data
Vary: Origin, Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: public, no-transform, immutable, max-age=999999999
Strict-Transport-Security: max-age=31536000; includeSubDomains
Timing-Allow-Origin: *
Content-Length: 48705
Expires: Mon, 20 Oct 2053 05:17:40 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E1BF 32 KB
10 KB 9ms
9ms Script
text/html 104.117.200.100
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.117.200.100 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-117-200-100.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 7aa3de3cbeaac194729834621c09a127dfba2d7fc731a0807e81219a6f69b079

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 15 Dec 2021 23:04:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9681
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9702
Expires: Fri, 11 Feb 2022 09:05:09 GMT

GET
H/1.1 204
No Content sync.php
pixel-apac.rubiconproject.com/exchange/ Frame E1BF 0
239 B 684ms
165ms Image
image/gif 69.173.158.64
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=KZI0XO7I-1Q-6CH8
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 94869a3d6d62a785bc2a9351b08a70bb
Content-Type: image/gif

GET
H3 200 css
fonts.googleapis.com/ Frame 2EB6 4 KB
649 B 45ms
44ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Requested by

Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=22170800027226400951393011867005&a=050836a4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 11 Feb 2022 05:33:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 11 Feb 2022 06:23:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 11 Feb 2022 06:23:48 GMT

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2EB6 16 KB
16 KB 36ms
14ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/pb_goldschmied_1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=22170800027226400951393011867005&a=050836a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 6ab8913b57bd346f12dc9a91abe097e28797e5bc13791fbb1651028cb6e454cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16465
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2EB6 17 KB
17 KB 36ms
14ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=22170800027226400951393011867005&a=050836a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 21a6bfef996ecdd1e39f8a2c1177223cad28829bc91d8624df289b544c5fc884

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 16857
Vary: Accept-Encoding
Content-Type: image/png

GET
H/1.1 200
OK /
hal9000.redintelligence.net/scale/ Frame 2EB6 13 KB
13 KB 36ms
12ms Image
image/png 138.201.220.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=22170800027226400951393011867005&a=050836a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.220.30 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.30.220.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 645e2a037f59021dc96a158f923a87394998767ede4daf2c123e5a7404ce989e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 12988
Vary: Accept-Encoding
Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E546
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMx2P02rmr5_zcCvh6iIl7U&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMx2P02rmr5_zcCvh6iIl7U&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXY2SXN6VmwxTmlwbHE1&google_gid=CAESEMx2P02rmr5_zcCvh6iIl7U&google_cver=1&google_push=AYg5qPI3l7ALh-SHanePPQabk4e7eo0o43qePTxoGNIj-7Y...

170 B
188 B

98ms
54ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXY2SXN6VmwxTmlwbHE1&google_gid=CAESEMx2P02rmr5_zcCvh6iIl7U&google_cver=1&google_push=AYg5qPI3l7ALh-SHanePPQabk4e7eo0o43qePTxoGNIj-7Y2ktMnUoZC25Wuq_VlJ9ntoIqOUoBw59KKbp26vk5EhlK8VE_6D5fN

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 11 Feb 2022 06:23:47 GMT
Server: PingMatch/v2.0.30-702-g2925257#rel-ec2-master i-0d836f7294b6c7d01@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=dXY2SXN6VmwxTmlwbHE1&google_gid=CAESEMx2P02rmr5_zcCvh6iIl7U&google_cver=1&google_push=AYg5qPI3l7ALh-SHanePPQabk4e7eo0o43qePTxoGNIj-7Y2ktMnUoZC25Wuq_VlJ9ntoIqOUoBw59KKbp26vk5EhlK8VE_6D5fN
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame E546 70 B
265 B 97ms
31ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPvDiUM3Q4l6oxyjoXoLjes&google_cver=1&google_push=AYg5qPJcgPxskICAQtanBj7MiEn6gzxmWHZv1_jZvBUmNEy38K0gbbfXYYTEEknq2-oL6pkmbmhxF120190lN26fALBbg8MEEpYp
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E546
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEOrzXmc7-NuK0ZwidcBcH2Q&google_cver=1&google_push=AYg5qPJEz8hztQtfkR9_h-zcmNb-RdlYCRRge0Xmoaqcp71VHFNTnQsJHOB6jDnMjxamS8qwdQH6lQZq5j-A0n_n...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=q4OJEmrtQRi7h_eI0iD2Xg2&google_push=AYg5qPJEz8hztQtfkR9_h-zcmNb-RdlYCRRge0Xmoaqcp71VHFNTnQsJHOB6jDnMjxamS8qwdQH6lQZq5j-A0n_nRwcTVljiGzZM

170 B
188 B

88ms
53ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=q4OJEmrtQRi7h_eI0iD2Xg2&google_push=AYg5qPJEz8hztQtfkR9_h-zcmNb-RdlYCRRge0Xmoaqcp71VHFNTnQsJHOB6jDnMjxamS8qwdQH6lQZq5j-A0n_nRwcTVljiGzZM

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 11 Feb 2022 06:23:48 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=q4OJEmrtQRi7h_eI0iD2Xg2&google_push=AYg5qPJEz8hztQtfkR9_h-zcmNb-RdlYCRRge0Xmoaqcp71VHFNTnQsJHOB6jDnMjxamS8qwdQH6lQZq5j-A0n_nRwcTVljiGzZM
x-host: tde-deliveryengine-production-655df8fcc8-2qr89
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E546
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESELjaq_Ycuqb8yNjNyU3s8v0&google_cver=1&google_push=AYg5qPLwBk4G3nfJjDfW78apgcLbsmCaXaxrPnaMc6rAzowJU2jmy7eXiakibask4y-xiDljXI0h44xBJg9b9SC6wsShChN...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLwBk4G3nfJjDfW78apgcLbsmCaXaxrPnaMc6rAzowJU2jmy7eXiakibask4y-xiDljXI0h44xBJg9b9SC6wsShChNiO7SY&google_hm=NzM0NjUyNzYzMjIwMzc0MDc1

170 B
188 B

66ms
53ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLwBk4G3nfJjDfW78apgcLbsmCaXaxrPnaMc6rAzowJU2jmy7eXiakibask4y-xiDljXI0h44xBJg9b9SC6wsShChNiO7SY&google_hm=NzM0NjUyNzYzMjIwMzc0MDc1

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 11 Feb 2022 06:23:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLwBk4G3nfJjDfW78apgcLbsmCaXaxrPnaMc6rAzowJU2jmy7eXiakibask4y-xiDljXI0h44xBJg9b9SC6wsShChNiO7SY&google_hm=NzM0NjUyNzYzMjIwMzc0MDc1
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET

pixel
cm.g.doubleclick.net/ Frame E546
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei...

0
0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E546
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEL6lIzWUq0tkgp1GJsLORbg&google_cver=1&google_push=AYg5qPLIqILcGVzw0Idi3i6ZshyGa87rbLZq1zGu-nNZ018OHCwB9r1A-wHNi8RS9w0G8mjAZhj0Ezc2FfM5LnuC...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLIqILcGVzw0Idi3i6ZshyGa87rbLZq1zGu-nNZ018OHCwB9r1A-wHNi8RS9w0G8mjAZhj0Ezc2FfM5LnuC83hj6R2cQT8

170 B
243 B

55ms
55ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLIqILcGVzw0Idi3i6ZshyGa87rbLZq1zGu-nNZ018OHCwB9r1A-wHNi8RS9w0G8mjAZhj0Ezc2FfM5LnuC83hj6R2cQT8

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 11 Feb 2022 06:23:48 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=AYg5qPLIqILcGVzw0Idi3i6ZshyGa87rbLZq1zGu-nNZ018OHCwB9r1A-wHNi8RS9w0G8mjAZhj0Ezc2FfM5LnuC83hj6R2cQT8
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: n3u8XJgByiF0HDnJNOE4Ynq_a-3NDE_ju-ODaaMk18iI-Vbiz2oDDg==

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame E546 0
75 B 79ms
17ms Image
text/plain 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKphf3Bwh9wAIC-U8F2QAKM&google_cver=1&google_push=AYg5qPJUDc2sHxCfDrQ5XEAuuQ0aN6x2ruJnPe--YTXlZ2_ERbOTESmuF0wbEL3E6z5QB1z3xLrx_BfebIWyrM1JpC1eBkzfGWA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:48 GMT
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame E546 0
223 B 47ms
46ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K9S9BzM4bXiOfiSzrdi510gMMTSlu9HTBThjxYOL0uWF0d3MtrFeydqhUnfvfiKVbTdm0L

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK viewability Show response
hal90005.redintelligence.net/ Frame 2EB6 0
150 B 33ms
12ms Script
text/html 138.201.63.165
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90005.redintelligence.net/viewability?s=22170800027226400951393011867005&a=032e4222&vb=m
Requested by: Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=22170800027226400951393011867005&a=050836a4
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.165 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.165.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://hal90005.redintelligence.net/request_content.php?s=22170800027226400951393011867005&a=050836a4
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 2EB6 13 KB
13 KB 129ms
48ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90005.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Mon, 07 Feb 2022 21:39:33 GMT
x-content-type-options: nosniff
age: 290655
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13072
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:17:36 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 07 Feb 2023 21:39:33 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v18/ Frame 2EB6 13 KB
13 KB 120ms
39ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v18/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://hal90005.redintelligence.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Wed, 09 Feb 2022 14:56:27 GMT
x-content-type-options: nosniff
age: 142041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13080
x-xss-protection: 0
last-modified: Wed, 10 Nov 2021 18:10:26 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Feb 2023 14:56:27 GMT

GET
H2 200 ts.js Show response
cdn.retailads.net/ Frame 64CC 5 KB
5 KB 11ms
10ms Script
application/javascript 2a01:4f8:d0a:2321::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.retailads.net/ts.js
Requested by: Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=1207393666
Protocol: H2
Security: TLS 1.3, , CHACHA20_POLY1305
Server: 2a01:4f8:d0a:2321::2 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: Apache /
Resource Hash: c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://futalis.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:48 GMT
last-modified: Fri, 21 Jan 2022 14:35:51 GMT
server: Apache
accept-ranges: bytes
etag: "14aa-5d6188919baaa"
content-length: 5290
content-type: application/javascript

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?oz_pl=1&dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&_x=1
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/619621/analytics.js?dt=6196211556140246740000&pd=avt&di=http%3A//app2.atmovies.com.tw/film/extend/fphk2105530003&ui=5d2caeb8-9f98-0312-0000-000000000000&ap=&ti=5100544228151938932&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&pp=pub-4866695676912380&sr=4&de=43003&si=410147113&dm=300x250&ac=651871&cr=6622326&ai=216536&c1=4562306&r1=2a03:1b20:6::&r2=&r3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E1BF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d3e6206-00f3-4e01-b8ab-503b0c5bb58f&expires=28

0
239 B

43ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d3e6206-00f3-4e01-b8ab-503b0c5bb58f&expires=28
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

Date: Fri, 11 Feb 2022 06:23:48 GMT
Server: MT3 4133 baa842e master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=6d3e6206-00f3-4e01-b8ab-503b0c5bb58f&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 11 Feb 2022 06:23:47 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGQ2YzhhMjNhNjg1MWNlZTUyZmVjNDdjNmVjNmFhZmYwZmIwZWM5ZA

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGQ2YzhhMjNhNjg1MWNlZTUyZmVjNDdjNmVjNmFhZmYwZmIwZWM5ZA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZGQ2YzhhMjNhNjg1MWNlZTUyZmVjNDdjNmVjNmFhZmYwZmIwZWM5ZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E1BF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YgYA9AAFWDRQ7QBB
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgYA9AAFWDRQ7QBB&_test=YgYA9AAFWDRQ7QBB

0
239 B

7ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgYA9AAFWDRQ7QBB&_test=YgYA9AAFWDRQ7QBB
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1644560629.526611,VS0,VE0
x-served-by: cache-hhn4074-HHN
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YgYA9AAFWDRQ7QBB&_test=YgYA9AAFWDRQ7QBB
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

204

v1
ads.yahoo.com/cms/ Frame E1BF
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZI0XO7I-1Q-6CH8&sigv=1&esig=2~ae178eef74c113076b7c5128e6ac7af9bdfdb724

0
194 B

70ms
20ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZI0XO7I-1Q-6CH8&sigv=1&esig=2~ae178eef74c113076b7c5128e6ac7af9bdfdb724

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Fri, 11 Feb 2022 06:23:48 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZI0XO7I-1Q-6CH8&sigv=1&esig=2~ae178eef74c113076b7c5128e6ac7af9bdfdb724
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1BF
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJMFhPN0ktMVEtNkNIOA==

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJMFhPN0ktMVEtNkNIOA==

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pJMFhPN0ktMVEtNkNIOA==
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E1BF
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/4T-KGDZ_h5cattibspGGr8n5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=734652763220374075

0
239 B

8ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=734652763220374075
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

date: Fri, 11 Feb 2022 06:23:48 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=734652763220374075
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2 451 709414.gif
id.rlcdn.com/ Frame E1BF 0
0 59ms
20ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame E1BF
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi21dX_QZ_n-h1YhDhiAVk&google_cver=1

0
239 B

9ms
7ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi21dX_QZ_n-h1YhDhiAVk&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECi21dX_QZ_n-h1YhDhiAVk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 40ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560628356&oz_l=1152&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560628417&oz_l=4804&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 89bc49bc-fbf2-4098-8b0b-69e89ba46b90
https://googleads.g.doubleclick.net/ Frame 36EC 37 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/89bc49bc-fbf2-4098-8b0b-69e89ba46b90
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3280c4301577bd837b826a5b3f1e976106f554a3923645770de8d756b2b89dd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 37
Content-Type: application/javascript

GET
BLOB 200
OK 3a79f028-99ba-45a7-846e-52e7ab699779
https://googleads.g.doubleclick.net/ Frame 1542 185 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/3a79f028-99ba-45a7-846e-52e7ab699779
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4866695676912380&output=html&h=250&slotname=4083490061&adk=1796691117&adf=3407277733&pi=t.ma~as.4083490061&w=300&fwrn=16&psa=0&format=300x250&url=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003%2F&ea=0&flash=0&wgl=1&dt=1644560627455&bpp=3&bdt=1632&idt=129&shv=r20220209&mjsv=m202202070101&ptt=9&saldr=aa&correlator=3285008017951&frm=24&ife=1&pv=2&ga_vid=1524960524.1644560628&ga_sid=1644560628&ga_hid=1660094509&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1787431411&scr_x=-12245933&scr_y=-12245933&eid=42531398%2C182982100%2C182982300%2C31062423%2C31064772%2C44756895&oid=2&pvsid=2580302469599475&pem=698&tmod=541231473&uas=0&nvt=1&loc=EMPTY&top=http%3A%2F%2Fapp2.atmovies.com.tw%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.oii5sdg0ptog&fsb=1&dtd=159
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 185
Content-Type: application/javascript

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9862 0
20 B 49ms
49ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220209&jk=2580302469599475&bg=!n5ylnNjNAAbAtJCDwLQ7ACkAdvg8Wrpu-cEx1t_ZOZ3lqwkHIz7zVk3xhDtVwkz118IJmqv_GrmFYQIAAABdUgAAAAVoAQeZAu5lEfKy1pe2i-tG6J21MHAcqA_fzBXrJOL63Iluc9whsdoymhDfD3vgltEBQpDObqynWe_yXqjpSbv3N7lsERPsY06zIFv9u2bM-aFz3fN6YuBGT1xJjJ9Ye4bYpYsUJjsM0OdrYYQz9NhjAeLEeHfyhEKUSLehEJaBQlwdt2xi45zBJHf3gLD5rwCFrOV7xglSmWwH-LIq8Wl9t-YPW5S1qS9BkkZa8_o86g4hQL9mNDb31PnchnsTTaPoxRdMi01Z3XazFiUkSp3Z9VoIiAy6Rhvm80GkgbXOJFBAhJjwHh7b1Bo9oG1vSjGI1ZfeNswkrNtBOO1dYv3UPKHx_jRS2gPJJPQ1nU7S6v11yoH-h1Ll8-chmuXMwWBSLAEhOL-1RpjVXICWGytc7k0_ZzEICYqjMMDfrTv5ce0FxAbJyfssL3Qs3N4a1G58M8at3k5YgrNi_cSb4pWVKJto-Y8CAguMBqv6m4LNoEX0agvoin1bqn-Yd8HgZA4ZumGF1zkQIwqXKNF5vjKRqei1x3D55-dJAXRN0qCaFgI34y60gavNz0798FF16w7c20ju_ve-dg75iPl7cHKjkpdqE_FVZdfm3Zk5h8P2ILvl16xbDjFVXlkbLroF7RClcZ7cJh0ziWWWcuvYY_A7I7NcWipy7PKxtvmdf3Hcv0DfX2okaIPB95bVOQuHUdCNn1pa11aI9FqmAMfAP806EHtM_0_92Kv8Ey1jzQFYHYvy_rBPTqFkRV-UbLSZrCwgP6zuiBhLmDMLfv5-F5JtMbblXoGVbuUwl6SWHNHvOetGg0ojy03WeGircPtKLg_0qu-1Jx7ecAL3PnbqhNxE_skDABSYEj_n0GMRkRa2lAJo8J_Yg-9X1eWtEu_CmITijX3g1CQa2GjFln86XFJjhJjiwRr0FuRDwdyqYRbcIdS5yhnVe-wdCFQb4fOWfa9tht-1CXFYRCmJPU85rp92WVrg4e7VWi4AJa_SDT04WsseAss

Requested by

Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.61

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560628462&oz_l=236&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
H3 200 dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512
adservice.google.com/ddm/fls/z/ Frame 86CC 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512

Requested by

Host: 8019191.fls.doubleclick.net
URL: https://8019191.fls.doubleclick.net/activityi;dc_pre=CM-pwuCB9_UCFc1OGwodWEYK9g;src=8019191;type=invmedia;cat=1up4h04i;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4791415008265.512?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8019191.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560628535&oz_l=254&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560628578&oz_l=5800&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
DATA 200
OK truncated Show response
/ Frame 01E1 28 B
28 B Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd

Request headers

Upgrade-Insecure-Requests: 1
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type: text/html;charset=utf-8

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560628630&oz_l=180&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET cycle.json
agnangantblacabcerducfarharwo/ Frame E9CF 0
0

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560628700&oz_l=33&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:47 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

GET
BLOB 200
OK 6f1f1d59-a0ca-4b83-99fc-77aed2ff4ca5
https://googleads.g.doubleclick.net/ Frame 36EC 772 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://googleads.g.doubleclick.net/6f1f1d59-a0ca-4b83-99fc-77aed2ff4ca5
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 340ba14b5b4d08b5e8c0b9ee8f024c60a72e7528f5e4ad6210e2cbd97977611d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Length: 772

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
29ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560629014&oz_l=1022&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560629060&oz_l=2762&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560629104&oz_l=113&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560629169&oz_l=549&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

POST
H/1.1 200
OK postback Show response
s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/ Frame 36EC 0
145 B 29ms
28ms XHR
text/plain 18.203.96.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.update.mediamathtag.com/2/2.47.2/619621/ARQrM18XEeOYFprl/postback?dt=6196211556140246740000&ai=216536&r3=&di=http%3A%2F%2Fapp2.atmovies.com.tw%2Ffilm%2Fextend%2Ffphk2105530003&ap=&ti=5100544228151938932&sr=4&ac=651871&cr=6622326&r1=2a03%3A1b20%3A6%3A%3A&ci=619621&pv=d56bfb8b-c6a9-432d-bef4-0a3d1c3aafa1&si=410147113&dm=300x250&pd=avt&ui=5d2caeb8-9f98-0312-0000-000000000000&pp=pub-4866695676912380&de=43003&c1=4562306&r2=&sid=ARQrM18XEeOYFprl&oz_sc=c13d887a01fa96ca7fbfc208&oz_df=1644560629244&oz_l=229&cv=3
Requested by: Host: s.update.mediamathtag.com
URL: https://s.update.mediamathtag.com/2/2.47.2/main.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 18.203.96.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-96-5.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 11 Feb 2022 06:23:48 GMT
Timing-Allow-Origin: *
Content-Length: 0
Vary: Origin

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 46ms
16ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fapp2.atmovies.com.tw%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://img.scupio.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: https://img.scupio.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1760
date: Fri, 11 Feb 2022 06:23:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/ Frame DD89
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=http%3A%2F%2Fapp2.atmovies.com.tw%2F&domain=img.scupio.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=UQ93pnxrZFMydDNGb2g0bUZJZ3JlUGxuZzhLcTBLbXdRL2d5M0Z4VlBRS1VITDJnbGpBYS9XWGhOenF4QTRmUzgxMUw2ZVYycWpwQkR3L2NOOVZ2WXN3WlArMUdja1prOEYvMUR4M2lkQnNoeUJzWDNPOVFObWpIR1c4YT...

433 B
676 B

16ms
16ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=UQ93pnxrZFMydDNGb2g0bUZJZ3JlUGxuZzhLcTBLbXdRL2d5M0Z4VlBRS1VITDJnbGpBYS9XWGhOenF4QTRmUzgxMUw2ZVYycWpwQkR3L2NOOVZ2WXN3WlArMUdja1prOEYvMUR4M2lkQnNoeUJzWDNPOVFObWpIR1c4YTBTS1Y3eE5oWFFuQ3F3RHJhY1piYVRpemIxUTFmYVhKK0pVR1hXN2tBWjdTNW5wMlZSNG5wclJMRFNNdWVjNVZhWDJIdGJQTkxicUl6RGF3WThzTXJNYW5pdEErUXdUVWpkaWRjd1E3bGhmcUN4MnV6OVdWckcwWGRiOHQweE9nYUtwUUhGTlo3WkhRb2tWNWlkVVcxcC8wMnpLbXhFZ2UxRHlRaUVEMWo5Ky85ZVFKWHc0UT18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7bbfc9cd699b1b518081ec48296bd554f662ea340d5438e1f72130f1d912a785

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.scupio.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:49 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3706
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 11 Feb 2022 06:23:50 GMT
location: https://mug.criteo.com/sid?cpp=UQ93pnxrZFMydDNGb2g0bUZJZ3JlUGxuZzhLcTBLbXdRL2d5M0Z4VlBRS1VITDJnbGpBYS9XWGhOenF4QTRmUzgxMUw2ZVYycWpwQkR3L2NOOVZ2WXN3WlArMUdja1prOEYvMUR4M2lkQnNoeUJzWDNPOVFObWpIR1c4YTBTS1Y3eE5oWFFuQ3F3RHJhY1piYVRpemIxUTFmYVhKK0pVR1hXN2tBWjdTNW5wMlZSNG5wclJMRFNNdWVjNVZhWDJIdGJQTkxicUl6RGF3WThzTXJNYW5pdEErUXdUVWpkaWRjd1E3bGhmcUN4MnV6OVdWckcwWGRiOHQweE9nYUtwUUhGTlo3WkhRb2tWNWlkVVcxcC8wMnpLbXhFZ2UxRHlRaUVEMWo5Ky85ZVFKWHc0UT18&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://img.scupio.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1996
content-length: 567
expires: 0

GET

cm
c.holmesmind.com/ Frame DD89
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
0

GET idSync
sync.aralego.com/ Frame DD89 0
0

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 43ms
15ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 989
date: Fri, 11 Feb 2022 06:23:49 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1

Domain: agnangantblacabcerducfarharwo
URL: chrome-extension://agnangantblacabcerducfarharwo/cycle.json

Domain: c.holmesmind.com
URL: https://c.holmesmind.com/cm?tc=getIn&

Domain: sync.aralego.com
URL: https://sync.aralego.com/idSync

Verdicts & Comments Add Verdict or Comment

195 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.atmovies.com.tw/	1970-01-20 18:20:32	Name: _ga Value: GA1.3.1380359854.1644560624
.atmovies.com.tw/	1970-01-20 00:50:47	Name: _gid Value: GA1.3.133101952.1644560624
.atmovies.com.tw/	1970-01-20 00:49:20	Name: _gat Value: 1
.atmovies.com.tw/	1970-01-20 10:10:56	Name: __gads Value: ID=35ae669bcdf79912-2256b3903ccd00e6:T=1644560624:RT=1644560624:S=ALNI_Ma6WWvvsjjS1A8rWmL7YeJWIvaPOg
.doubleclick.net/	1970-01-20 10:10:56	Name: IDE Value: AHWqTUl2VR55fhdbSj4lbtteKoZ_xV7DLOoQWH7DuXxFrzIM4X5ND0VnPgIeKY0sfn0
.rubiconproject.com/	1970-01-20 09:34:56	Name: khaos Value: KZI0XO7I-1Q-6CH8
.rubiconproject.com/	1970-01-20 09:34:56	Name: audit Value: 1\|hLZGFuTafB1vvaWcHoY84T5APvdogVCbaTd6KyMQnat7y9GyzaExIWgPHczAeldBLIY8R4fZd1sbDpMqgtlvvz7Su3+cN8i/xx/uUtFk1zi/pmrl6hR8hw==
.doubleclick.net/	1970-01-20 00:49:24	Name: DSID Value: NO_DATA
.aralego.com/	1970-01-20 09:34:56	Name: sspid Value: 1ea80733-2c7e-48ac-9ecd-fee0ccd5f36e
.c.appier.net/	1970-01-20 09:34:56	Name: _auid Value: VD9L6QN2B6uM25v_8gAGYg
.criteo.com/	1970-01-20 10:10:56	Name: uid Value: 5d01205b-a7a4-4fd8-855d-1d13b7b595ac
.mathtag.com/	1970-01-20 09:34:56	Name: uuid Value: 6d3e6206-00f3-4e01-b8ab-503b0c5bb58f
.scupio.com/	1970-01-20 09:34:56	Name: OrgKeyValue Value: CNA2022021114234815652
.scupio.com/	1970-01-20 09:34:56	Name: gx Value: H4sIAHRxBmIA%2fxNmYGDg4uY4N%2b1J%2b%2bIz26wEWIVYOOwFmAADrZ6VFwAAAA%3d%3d
.retailads.net/	1970-01-20 01:32:32	Name: ppb2172 Value: 1207393666
.awin1.com/	1970-01-20 00:59:25	Name: awpv14098 Value: 296283\|1644560628\|2c183730-8b03-11ec-b50a-2265e04fa232
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 429086:2519595
.w55c.net/	1970-01-20 10:15:15	Name: wfivefivec Value: uv6IszVl1Niplq5
.casalemedia.com/	1970-01-20 09:34:56	Name: CMID Value: YgYA9Dm-hqEVIdm2LNOkLwAA
.casalemedia.com/	1970-01-20 02:58:56	Name: CMPS Value: 3269
.w55c.net/	1970-01-20 01:32:32	Name: matchgoogle Value: 5
.travelaudience.com/	1970-01-20 10:15:15	Name: _tracker Value: %7B%22UUID%22%3A%22AB838912-6AED-4118-BB87-F788D220F65E%22%7D
.casalemedia.com/	1970-01-20 02:58:56	Name: CMPRO Value: 1186
.casalemedia.com/	1970-01-20 00:50:47	Name: CMST Value: YgYA9GIGAPQA
.futalis.de/	1970-01-20 02:15:44	Name: raSIDb Value: 1207393666
.yahoo.com/	1970-01-20 09:35:18	Name: A3 Value: d=AQABBPQABmICEIOkuyCVMVTmaqCe3HHa9jAFEgEBAQFSB2IPYgAAAAAA_eMAAA&S=AQAAAr9bGHMCgeJEZ-q7LaF2dNI
.mathtag.com/	1970-01-20 01:32:32	Name: mt_mop Value: 9:1644560627
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: huhb3mismxpxqirysfqo2zc2
pb.media01.eu/	1970-01-20 18:20:32	Name: DTU Value: 005D8DB84D9E09C70FE6D4C0F17CE7A1
.everesttech.net/	1970-01-20 09:34:56	Name: everest_g_v2 Value: g_surferid~YgYA9AAFWDRQ7QBB
.aralego.com/	1970-01-20 09:34:56	Name: gdpr Value: 1
.scupio.com/	1970-01-20 00:59:25	Name: gxc Value: 1
.scupio.com/	1970-01-20 00:59:25	Name: uxc Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://cfapp.atmovies.com.tw/cfc/www_movie/ Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://id.rlcdn.com/709414.gif Message: Failed to load resource: the server responded with a status of 451 ()
worker	error	URL: blob:https://googleads.g.doubleclick.net/3a79f028-99ba-45a7-846e-52e7ab699779 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/3a79f028-99ba-45a7-846e-52e7ab699779' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://eppiocemhmnlbhjplcgkofciiegomcon/content/safecheck-notification/notification-iframe/index.html'. This request has been blocked; the content must be served over HTTPS.
worker	error	URL: blob:https://googleads.g.doubleclick.net/3a79f028-99ba-45a7-846e-52e7ab699779 Message: Mixed Content: The page at 'blob:https://googleads.g.doubleclick.net/3a79f028-99ba-45a7-846e-52e7ab699779' was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint 'chrome-extension://cplklnmnlbnpmjogncfgfijoopmnlemp/skin/logo24.png'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YgYA9Dm_hqEVIdm2LNOkLwAABKIAAAIB&google_push=AYg5qPKsSy9bT0AaBRZldvrdcD9NHdJbT6EO0nx-LtjnzVOQZ0UkFnvHe6yqp3E6oYms94TbXlXAV3smN0W3VO4Gei1v_dd1CjA&google_gid=CAESENYJFxSr9SuD79hiXUJ2R9Q&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3b3.org
8019191.fls.doubleclick.net
ad-server.eu
ad.holmesmind.com
ad2.apx.appier.net
ads.travelaudience.com
ads.yahoo.com
adservice.google.com
adservice.google.de
agnangantblacabcerducfarharwo
ajax.googleapis.com
app2.atmovies.com.tw
bidder.criteo.com
bw.scupio.com
c.holmesmind.com
cdn.retailads.net
cfapp.atmovies.com.tw
cm.g.doubleclick.net
csi.gstatic.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gocm.c.appier.net
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal90005.redintelligence.net
hb.aralego.com
id.rlcdn.com
img.scupio.com
match.adsrvr.org
mug.criteo.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
pixel-apac.rubiconproject.com
pixel.mathtag.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
pv.medialead.de
rec.scupio.com
s.ad.smaato.net
s.update.mediamathtag.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aralego.com
sync.mathtag.com
tags.mathtag.com
token.rubiconproject.com
tpc.googlesyndication.com
www.awin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
agnangantblacabcerducfarharwo
c.holmesmind.com
cm.g.doubleclick.net
sync.aralego.com
103.132.192.30
104.111.239.217
104.117.200.100
138.201.220.30
138.201.63.165
139.162.78.222
142.250.184.226
142.250.185.226
142.250.185.230
145.239.193.130
151.101.130.49
167.233.14.134
178.250.0.165
178.250.2.146
18.203.96.5
185.29.132.245
185.29.134.249
185.86.139.104
192.96.200.41
2.18.233.201
210.59.219.175
210.59.219.180
210.59.219.181
23.37.42.132
2600:9000:2057:b800:1b:5138:8a40:93a1
2602:803:c004:200::141
2a00:1288:80:800::7000
2a00:1450:4001:809::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::200e
2a00:1450:4001:828::200a
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200a
2a00:1450:4001:831::2004
2a00:1450:400c:c1b::9a
2a00:1450:400f:800::2003
2a01:4f8:d0a:2321::2
2a02:2638:1::3
2a02:2638::1c
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:d29:3602:1d01:41f0:b3c7:ca3c
3.120.72.86
34.96.119.68
35.186.238.101
35.190.0.66
35.244.174.68
35.75.110.87
52.223.40.198
54.76.176.197
61.61.96.232
61.61.96.252
65.9.7.97
69.173.144.138
69.173.144.165
69.173.158.64
88.198.250.30
06ad76d14c9165fa3b281f1d032fa8baed744e042d7101e5919f8dab77b52299
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
09acf4d3078ffcb58b66beea34904494fc590b146198775083ea55641603d3fa
0a37a2cac7d43af707624d1b2b0adbb8b19605501898c4ab5249cb7668538aaf
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0da1b7b795d8ed531c47ff870de07dfa167e2e7870be41c339bc05888c0c1900
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11861d7a9f3a93e5bab30b26a38dec607d5ad82988d30e25b0bcfd86eccdcda3
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
1460e4ba5d8a29324c75f80802081c73d2143d8c9581a84ca3df707fbc6e477c
14d7d44634d745e532c416d02f3fe714a084233dfd752936c78e848d5cd27391
1623f1d081160d976dd6588373dd6e73e24af9a6ff056a653ebd0fba2f355bcd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ccfa6320460899399dad32620c42c4d78d758a1f82ad8d7c62b5337324c35cd
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e7bdf52eadea30acf902248591382393f39789465b7849f501d488523552121
203952d95f704a3d83b4f4d2b637c3ec6eed453918da831b11433d6854770063
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
21a6bfef996ecdd1e39f8a2c1177223cad28829bc91d8624df289b544c5fc884
22bfb184ddc5aacc316cc9705911968276a7cecf1cb9abb46ee38cac34580caa
243fa32ac1ad6980831ebf8b9c44ed79590e6f20c28b702a811909c296c43e08
2c8ae0c883c62c03c5800ca91a31d1f0e00088683fb5f4131667c0504ce99e64
2d679b9ebde19e21e5803acd7d27bb26815ae4100c92f0bb2e6a8d7bde66c4cb
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3280c4301577bd837b826a5b3f1e976106f554a3923645770de8d756b2b89dd3
33b1d92dea99b2090acb03ad2f65f79264ca95dcc1f0581ae545a8956efcc04f
340ba14b5b4d08b5e8c0b9ee8f024c60a72e7528f5e4ad6210e2cbd97977611d
36c89a76de66ef92ad694258272089f24cf0cb8f5cf449641d8f465bc146c714
36f22718f6ca223dd07d63d9064361109e3db43735f459181bb94f972bd02f09
39db767587d4955d9a867ed89b129f39c614fa1f4a7399fc64b14d908e979ee9
3a22b29e11f6ad3ed458e71525b4edfaf0b9ab4cd962ae9a239b9509c106c826
3a42fd795b37d63b9fc1bc379c1e16dbf8bf4f87c67c999e0a8a0a35bee94f98
3a7b5f2e7e3fd51102d05b2706291210864e7890361d932311a18048073374ae
3fdde479e6547ad2de604bd947fa17fb80378cbe689e0a36c97a4bff9cd8331d
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
405bd8e7ec691f5cf5517a894b54dbff001cfff31fd8625abfb768e55813eac7
428f1eb7935944229430ac0fdce0033f05d9b8c1c020b87c681dd7a78ab4dd19
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5094b2cddcafbe5ec79c053c50bde8bbc5d2ae568c00908b9b3fb90dc197e141
53473b748f37677e5e8decf8a5c303b607854b96d399ecd6cfcc44a70157aacb
541b2a341cf1eb1e46bc40801c3b0ca41f043ab09dd180c0f1adf33619612467
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
60b6fb70c39877b90333526914dbc0d47052cd8c4c298c421aaee2f9d6b48bcc
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645e2a037f59021dc96a158f923a87394998767ede4daf2c123e5a7404ce989e
64a7b441531759e2cd1008ebca931624cad291311d399f40f77d70d62acecef1
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
674f601da1dd9ada5fecab6a9f3c61ad3b9bac0b4e5473903459c4a817a7b6c7
67879d3fa53f398ab9f09a5a8c3fb1d13e9a7e5b9b4ed27e27e679e273f8dfb9
69199efc7a0c5a7c74c99a46668105fdf6ee890731a7308e2dcba5553e2f3c7f
6993ba26773701ed0b5343dede6669fe0604d21b88c658ab3b06203f79d948d2
6ab8913b57bd346f12dc9a91abe097e28797e5bc13791fbb1651028cb6e454cd
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
72dbd696f7961daf9049faacc868865d959f3d126f40d5271f48d5d9a0ccc652
730703648d7313363c5ea76c8335d221de625372109bbffee1308a3e1609a6b3
7aa3de3cbeaac194729834621c09a127dfba2d7fc731a0807e81219a6f69b079
7bbfc9cd699b1b518081ec48296bd554f662ea340d5438e1f72130f1d912a785
7dca558b219d38f8feb7021e31466b26fccc157cbe9d94e9ac4f3ebd442617af
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
848fe19ed492948709b881f504ce2eb6274baa694606ca88eb9b2990a2460caf
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
88de5f95fea91d43e84cba58bbc21573c9f9f2a6d45b3bdd8af60295903c88c4
8d17593bcc84ed3a08551f9de0f3abd3dd923b3316e356cac54b58ee6461c596
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da33f98c0d0f2eb0383dcb403231643d8bb775ba4d19cf3f90ab761ee7100d7
90345a582a40150a1e17eb98703a3dfeb0724ebea5862f8f24d8f7f965cd7621
90c8ceab5c2d280204c690d5255617fd7a891bc3f27c97851266d726fdf93cbb
924b9922c6ba422e12cd87454470677946345e1efc883c9abdddc20bd02da2aa
936e2a79b73ecbd8d53e825de3c18ba942ba0896065872a266115ebe7904bc69
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
94d5b48b385f1b4aca4e8854caceaee9998e80c7e240d9a8d8a30139135e17ca
969ec05383f32d7f61c40d0c4fcd75b7be8d1362e5d51fa664ed59a1a2237adf
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a043e37e9770a0626b451e0be7366ebe3787add88a476991d265c077c761961c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a233318e5d99cea088aad43dcdad12b3d4763f9c108df13d73588e60db0cc14a
a3b405b2510fba2b69acd54d409aed128fe35cd7f0827d414e0551d8127954e2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a575e2f63d79cdaf5a92b4453bfcaadb462119aa1216b4f28920e37e2d9b8e7b
a7285580be75cd3030f88e9965590dbf8cc61ade01a82348b993c8f2a3f1245b
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ad246d47536dacf0256646042ec184678bfc630fcb638d9199bd66cf8cb5e457
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef8c5f433fd61f37461a4cb8443d315f367ad7e9de19e65676f71fdcf7af7c8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c2e1e72b0de356f6ce184e3af4fa8ab6590a2581162905a27d77886b2d960e00
c45a84e5e0ff6ed83afd426788be38a5cbc442dc6cce4631bfd5c22fdd1fc8df
c7e027256f51f97e712f9521e44c49c891160b0542dfd642941a3e39c8efb778
c93e56bfb68f8389b5decfcfb621863b3d4884039501f8290458d8345225fec4
d5489bd94611d301ad79fb6e097d73ffc65a1b9d2138ec8058091fd6baed3d25
d7096534be069413691b6f4588d3494aeccb2ccbb7a73b965541c0fec78cc374
d847e8fbdcdb70412a6bc30a3643ca53cb17a35d77f766e75456dbdcfb77bba1
dac6172584189afdad5b3dc9b17e611d3a6f051806bb99e1172ea8caba554c54
e0c7cdbd3979eb9f8b3ea44d9c5b08a532597013b716973c4a2df7ed533f55d5
e2077b55b821a74b2b055caeea87153a93c75ec4b5aaea50afb60b7370919939
e36cee99e6301eeb9d1d1af29a14f8e32757185ef4576c68a4b8a6276701f310
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
ea26c78f630f8d3924b66a3966e9d96b6ce9217ee085f6db77fa191e13a59848
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2487fe770f52c8631150215b55a2bb12a4bd9a9815f458212c85188c27e6e53
f8a5a772a8e31b35307e413d233ee42ab986414c9ab31ee640c6bbdd3e2d7e23
fd11fa353cc6a8560f4c35e67c6fb8a3a4061ed3de4309cdf83fca65f8319bb4
fd8c1e52950e26a16d004c782427f663daea358307525226bdf2d9f8d21459d7

app2.atmovies.com.tw Open in urlscan Pro 61.61.96.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

201 Requests

74 %HTTPS

34 %IPv6

38 Domains

65 Subdomains

51 IPs

9 Countries

1657 kBTransfer

4256 kBSize

33 Cookies

46 Outgoing links

Redirected requests

201 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

app2.atmovies.com.tw Open in urlscan Pro
61.61.96.232 Public Scan

Screenshot
Live screenshot

Full Image

201
Requests

74 %
HTTPS

34 %
IPv6

38
Domains

65
Subdomains

51
IPs

9
Countries

1657 kB
Transfer

4256 kB
Size

33
Cookies

201 HTTP transactions
5 data transactions