www.0512s.com Open in urlscan Pro
118.123.21.41  Public Scan

17 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 35

• https://d.agkn.com/pixel/2175/?google_gid=CAESEN1S3i3hteF2IYWb57UbLAA&google_cver=1&google_push=AehlK4BwK5yEmuq3C8MdT3P4iH64UJ8KZzpJpB4NOQDgBn6UkWQQfNkgK4JmL7fy98vjIKXfGtfz_DGxlEgN24hkkX5UmfMBeFwt HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BwK5yEmuq3C8MdT3P4iH64UJ8KZzpJpB4NOQDgBn6UkWQQfNkgK4JmL7fy98vjIKXfGtfz_DGxlEgN24hkkX5UmfMBeFwt&google_hm=Q0FFU0VOMVMzaTNodGVGMklZV2I1N1ViTEFB

Request Chain 37

• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIvyhQkpYpmwkNcgr1TUV8U&google_cver=1&google_push=AehlK4Bmf2FXoAqeupbePdSvQx2hskYsmKlxCebt-ct73yvVAlmwgHwBH3cfsTPkQKPTiBA1QoCjeWbtAEG-CBqrEj0YKSZZLzS6 HTTP 302
• https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIvyhQkpYpmwkNcgr1TUV8U&google_cver=1&google_push=AehlK4Bmf2FXoAqeupbePdSvQx2hskYsmKlxCebt-ct73yvVAlmwgHwBH3cfsTPkQKPTiBA1QoCjeWbtAEG-CBqrEj0YKSZZLzS6&rdf=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YWLM6ol1QIu5R4duec6V5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Bmf2FXoAqeupbePdSvQx2hskYsmKlxCebt-ct73yvVAlmwgHwBH3cfsTPkQKPTiBA1QoCjeWbtAEG-CBqrEj0YKSZZLzS6

Request Chain 38

• https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDjr63R7DSbydsGT4f8DXSQ&google_cver=1&google_push=AehlK4DmxDDRNQAGxgywb4Y5Xv18s7eJbxGC6c14XixlVdwjNuGVMptf0-8WdbOYUPk0bP4x3wH78cMFf5_le3msuuz6GTDslxb5 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVJMEQ1OVItNi1DUzJY&google_push=AehlK4DmxDDRNQAGxgywb4Y5Xv18s7eJbxGC6c14XixlVdwjNuGVMptf0-8WdbOYUPk0bP4x3wH78cMFf5_le3msuuz6GTDslxb5

Request Chain 39

• https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGmKg-UgmN-Ut_KmmOsKSGc&google_cver=1&google_push=AehlK4AF1N5jpOMBp6Ek-KFl-pFCer1gmwU38q1jppSmfry7Ed22be8v5OuL6HFk4UGRr5vM9KL_8t6FhBhamvhpf2WnGcuk2I47 HTTP 302
• https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGmKg-UgmN-Ut_KmmOsKSGc&google_push=AehlK4AF1N5jpOMBp6Ek-KFl-pFCer1gmwU38q1jppSmfry7Ed22be8v5OuL6HFk4UGRr5vM9KL_8t6FhBhamvhpf2WnGcuk2I47&s=184023&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGmKg-UgmN-Ut_KmmOsKSGc&google_hm=Ys1Hijx9xGi0SzaawKwaYgAABLEAAAIB&google_nid=index&google_push=AehlK4AF1N5jpOMBp6Ek-KFl-pFCer1gmwU38q1jppSmfry7Ed22be8v5OuL6HFk4UGRr5vM9KL_8t6FhBhamvhpf2WnGcuk2I47

Request Chain 43

• https://gcdn.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/1011E625AAD681B5EBC8528AE11B6A2128350B35.359F3CD5240CB2426934862189DB5A1248A8B81F/key/ck2/file/file.mp4 HTTP 302
• https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/795D8A875E4B9F8E4D045B813248446A7730AE58.0E7FD4257469B419EECD265FC6655994597F6CB9/key/cms1/cms_redirect/yes/mh/NL/mip/2001:ac8:20:3a00:1012:5dac:fbd3:e9c2/mm/42/mn/sn-4g5ednde/ms/onc/mt/1657620048/mv/m/mvi/1/pl/49/file/file.mp4

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response www.0512s.com/	15 KB 8 KB	3048ms 473ms	Document text/html	118.123.21.41 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://www.0512s.com/ Protocol HTTP/1.1 Server 118.123.21.41 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software wts/1.6 / ASP.NET Resource Hash ccf63fc0fca6a85c692be9bc67b7e65beebb170bdd3c45cd870a74e7e82dc0e5 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control private Connection keep-alive Content-Encoding gzip Content-Length 7987 Content-Type text/html Date Tue, 12 Jul 2022 10:05:55 GMT Server wts/1.6 Vary Accept-Encoding X-Powered-By ASP.NET
GET H/1.1	200 OK	gg.js Show response www.0512s.com/	1 KB 845 B	237ms 236ms	Script application/javascript	118.123.21.41 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://www.0512s.com/gg.js Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol HTTP/1.1 Server 118.123.21.41 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software wts/1.6 / ASP.NET Resource Hash 98cc1631fa71e31938b45417b956b869602ae64f641693c36620fbbee4f94ec7 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:05:55 GMT Content-Encoding gzip ETag "57a1ab1f24f2d51:0" Last-Modified Wed, 04 Mar 2020 12:55:04 GMT Server wts/1.6 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type application/javascript Connection keep-alive Accept-Ranges bytes Content-Length 524
GET H/1.1	200 OK	css2017.css www.0512s.com/css/	4 KB 1 KB	246ms 244ms	Stylesheet text/css	118.123.21.41 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://www.0512s.com/css/css2017.css Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol HTTP/1.1 Server 118.123.21.41 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software wts/1.6 / ASP.NET Resource Hash 9a93a7e4366a0d9ec2e0a36c6890c1a1dbe317e78b43eb0b6fd9a79ed524a93f Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:05:55 GMT Content-Encoding gzip ETag "60b36253b0a6d61:0" Last-Modified Tue, 20 Oct 2020 07:12:09 GMT Server wts/1.6 X-Powered-By ASP.NET Vary Accept-Encoding Content-Type text/css Connection keep-alive Accept-Ranges bytes Content-Length 1194
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	165 KB 56 KB	105ms 62ms	Script text/javascript	2a00:1450:4014:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3b686a4c3e2957e005ea40a3d9085e9e14ea324896e54d0a7ac6149a265484df Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 10:05:55 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 56575 x-xss-protection 0 server cafe etag 14980879066871306555 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Tue, 12 Jul 2022 10:05:55 GMT
GET H/1.1	200 OK	logo2.jpg www.0512s.com/	14 KB 14 KB	245ms 244ms	Image image/jpeg	118.123.21.41 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL http://www.0512s.com/logo2.jpg Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol HTTP/1.1 Server 118.123.21.41 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software wts/1.6 / ASP.NET Resource Hash 6bab39fd893311bc9d98d21b5757d7e8a824d906606a30c387a8570c6fd2a524 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:05:55 GMT Last-Modified Thu, 31 May 2018 16:30:38 GMT Server wts/1.6 X-Powered-By ASP.NET ETag "eeccfb5fcf8d31:0" Content-Type image/jpeg Connection keep-alive Accept-Ranges bytes Content-Length 14257
GET H/1.1	200 OK	xgx.js Show response 1.0512s.com/common/wrqj_x/production/t/openjs/	4 KB 2 KB	5805ms 217ms	Script text/javascript	115.231.186.133 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL http://1.0512s.com/common/wrqj_x/production/t/openjs/xgx.js Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol HTTP/1.1 Server 115.231.186.133 , China, ASN136188 (CHINATELECOM-ZHEJIANG-NINGBO-IDC NINGBO, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software yunjiasu / Resource Hash 1808a34956802ce3035757271decb8da0bb1b38874105a349488ba323467ca5c Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:06:01 GMT Content-Encoding gzip Last-Modified Mon, 11 Jul 2022 02:48:33 GMT Server yunjiasu YJS-CacheStatus HIT YJS-ID b75b245db2bf2b5d-111 P3p CP=" OTI DSP COR IVA OUR IND COM " Cache-Control public, max-age=14400 Connection keep-alive Content-Type text/javascript; charset=utf-8 Content-Length 1806 Expires Tue, 12 Jul 2022 14:06:01 GMT
GET H/1.1	200 OK	js-sdk-pro.min.js Show response sdk.51.la/	33 KB 13 KB	197ms 94ms	Script application/javascript	47.253.50.2 ALIBABA-CN-NET Al...
General Check archive.org Show headers Download Go to Full URL http://sdk.51.la/js-sdk-pro.min.js Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol HTTP/1.1 Server 47.253.50.2 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN), Reverse DNS Software openresty / Resource Hash 0aa0b279778068be1848bbb21a3411e4ffc48d53a7254411e07e35e1b0fc0d71 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:05:55 GMT Content-Encoding gzip Last-Modified Wed, 01 Jun 2022 06:53:46 GMT Server openresty ETag W/"62970cfa-8484" Transfer-Encoding chunked Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control max-age=1296000 Access-Control-Allow-Credentials true Connection keep-alive
GET H/1.1	404 Not Found	hezuo.jpg www.0512s.com/	5 KB 5 KB	236ms 235ms	Image text/html	118.123.21.41 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL http://www.0512s.com/hezuo.jpg Requested by Host: www.0512s.com URL: http://www.0512s.com/css/css2017.css Protocol HTTP/1.1 Server 118.123.21.41 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software wts/1.6 / ASP.NET Resource Hash 60f4717664f0f0ed11131e71b42ef4683a48131fc1d6570c8776d20f342bb20c Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/css/css2017.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:05:55 GMT Content-Encoding gzip Server wts/1.6 X-Powered-By ASP.NET Transfer-Encoding chunked Content-Type text/html; charset=utf-8 Cache-Control private Connection keep-alive
GET H2	200	show_ads_impl_with_ama_fy2019.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/	340 KB 120 KB	48ms 47ms	Script text/javascript	2a00:1450:4014:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7337066968912376&plah=www.0512s.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3180103e3493e432787d8ae1d15db55df708bd4143770550d20dd574a2c0b4c6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 10:05:55 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 122412 x-xss-protection 0 server cafe etag 5449597550895232899 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Tue, 12 Jul 2022 10:05:55 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/ Frame 82F1	10 KB 5 KB	27ms 6ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20220707/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.0512s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 43777 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=1209600 content-encoding gzip content-length 4414 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Jul 2022 21:56:18 GMT etag 10429905676100781186 expires Mon, 25 Jul 2022 21:56:18 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	213 B 642 B	87ms 41ms	Script text/javascript	142.250.185.66 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=www.0512s.com&callback=_gfp_s_&client=ca-pub-7337066968912376 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7337066968912376&plah=www.0512s.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.66 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s48-in-f2.1e100.net Software cafe / Resource Hash 8536ba405a270d6a142101a6dbf89a25aacea99f4bf8a5193c7ffc7acee6c092 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 10:05:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 197 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.de/adsid/	107 B 792 B	36ms 14ms	Script application/javascript	2a00:1450:4001:80e::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.0512s.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7337066968912376&plah=www.0512s.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Jul 2022 10:05:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H2	200	integrator.js Show response adservice.google.com/adsid/	107 B 549 B	36ms 15ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.0512s.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7337066968912376&plah=www.0512s.com Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Jul 2022 10:05:55 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 89EF	116 B 114 B	76ms 62ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&adk=1812271804&adf=3025194257&lmt=1657620355&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwww.0512s.com%2F&ea=0&pra=5&wgl=1&dt=1657620355803&bpp=2&bdt=399&idt=99&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8343079674113&frm=20&pv=2&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=113 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7337066968912376&plah=www.0512s.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.0512s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 91 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Jul 2022 10:05:55 GMT expires Tue, 12 Jul 2022 10:05:55 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H/1.1	200 OK	eacgwcf.js Show response 1.0512s.com/	109 KB 37 KB	225ms 224ms	Script text/javascript	115.231.186.133 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL http://1.0512s.com/eacgwcf.js Requested by Host: 1.0512s.com URL: http://1.0512s.com/common/wrqj_x/production/t/openjs/xgx.js Protocol HTTP/1.1 Server 115.231.186.133 , China, ASN136188 (CHINATELECOM-ZHEJIANG-NINGBO-IDC NINGBO, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software yunjiasu / Resource Hash 14f160e56668d04448511472e38fc3e3e2d8d657122f953b72b47254bd278570 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:06:01 GMT Content-Encoding gzip Last-Modified Mon, 11 Jul 2022 02:48:33 GMT Server yunjiasu YJS-CacheStatus HIT YJS-ID b75b245fb2c42b5d-111 P3p CP=" OTI DSP COR IVA OUR IND COM " Cache-Control public, max-age=14400 Connection keep-alive Content-Type text/javascript; charset=utf-8 Content-Length 37636 Expires Tue, 12 Jul 2022 14:06:01 GMT
GET H/1.1	200 OK	pr.js Show response cpro.baidustatic.com/cpro/ui/	255 B 685 B	1600ms 221ms	Script application/x-javascript	113.105.172.35 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Full URL http://cpro.baidustatic.com/cpro/ui/pr.js Requested by Host: 1.0512s.com URL: http://1.0512s.com/common/wrqj_x/production/t/openjs/xgx.js Protocol HTTP/1.1 Server 113.105.172.35 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software JSP3/2.0.14 / Resource Hash f012f754c1f5e78fb4b99e0b0fc3f56297c1654488072f7a39bcb3ef37b58c14 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Ohc-File-Size 191 Date Tue, 12 Jul 2022 10:06:02 GMT Content-Encoding gzip Age 604 X-Cache-Status HIT Transfer-Encoding chunked Connection keep-alive Ohc-Cache-HIT dg3ct52 [2], xactcache64 [2], wzix64 [2] Last-Modified Thu, 03 Mar 2022 08:15:50 GMT Server JSP3/2.0.14 ETag "62207936-ff" Content-Type application/x-javascript Cache-Control max-age=3600 Accept-Ranges bytes Timing-Allow-Origin * Expires Tue, 12 Jul 2022 10:54:47 GMT
GET H/1.1	200 OK	sj.gif www.0512s.com/	577 B 838 B	245ms 244ms	Image image/gif	118.123.21.41 CHINANET-BACKBONE...
General Check archive.org Show headers Download Go to Show image Full URL http://www.0512s.com/sj.gif Requested by Host: www.0512s.com URL: http://www.0512s.com/css/css2017.css Protocol HTTP/1.1 Server 118.123.21.41 , China, ASN4134 (CHINANET-BACKBONE No.31,Jin-rong Street, CN), Reverse DNS Software wts/1.6 / ASP.NET Resource Hash f6b9a014546b2839a92b4d387b1d96dcc899d3bafaa95f11b07229bb8bbb5142 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/css/css2017.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:06:01 GMT Last-Modified Thu, 22 Mar 2018 01:13:34 GMT Server wts/1.6 X-Powered-By ASP.NET ETag "ef3f81ff7ac1d31:0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 577
GET H3	200	integrator.js Show response adservice.google.de/adsid/	107 B 122 B	29ms 15ms	Script application/javascript	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.de/adsid/integrator.js?domain=www.0512s.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7337066968912376&plah=www.0512s.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Jul 2022 10:06:01 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	integrator.js Show response adservice.google.com/adsid/	107 B 122 B	29ms 15ms	Script application/javascript	2a00:1450:4001:813::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://adservice.google.com/adsid/integrator.js?domain=www.0512s.com Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7337066968912376&plah=www.0512s.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * date Tue, 12 Jul 2022 10:06:01 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info." cache-control private, no-cache, no-store cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type application/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 100 x-xss-protection 0
GET H3	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame B45E	78 KB 25 KB	456ms 456ms	Document text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7337066968912376&plah=www.0512s.com Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b137c7f9c03e834e56a15512ee17ff24eabf7cf172833a449b19b9f45897cddb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://www.0512s.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control private content-encoding br content-length 25782 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Tue, 12 Jul 2022 10:06:02 GMT expires Tue, 12 Jul 2022 10:06:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
POST H/1.1	200	collect Show response collect-v6.51.la/v6/	0 395 B	556ms 255ms	XHR text/plain	183.131.207.66 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL http://collect-v6.51.la/v6/collect?dt=4 Requested by Host: sdk.51.la URL: http://sdk.51.la/js-sdk-pro.min.js Protocol HTTP/1.1 Server 183.131.207.66 , China, ASN136190 (CHINATELECOM-ZHEJIANG-JINHUA-IDC JINHUA, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software CloudWAF / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Access-Control-Allow-Origin http://www.0512s.com Date Tue, 12 Jul 2022 10:06:02 GMT Access-Control-Allow-Credentials true Server CloudWAF Connection keep-alive Content-Length 0 Vary Origin, Access-Control-Request-Method, Access-Control-Request-Headers
GET H2	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220707/r20110914/ Frame B45E	21 KB 9 KB	29ms 7ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/abg_lite_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash a2625083f682f667dbd0121720f86b02cc023e7cc2c36d1fad2d1a3dbe0b8cc6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 09:40:06 GMT content-encoding gzip x-content-type-options nosniff age 1556 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8671 x-xss-protection 0 server cafe etag 18116328616323621410 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Jul 2022 09:40:06 GMT
GET H2	200	css fonts.googleapis.com/ Frame B45E	8 KB 1 KB	37ms 15ms	Stylesheet text/css	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Tue, 12 Jul 2022 09:01:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Tue, 12 Jul 2022 10:06:02 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 12 Jul 2022 10:06:02 GMT
GET H2	200	outstream.min.css imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame B45E	14 KB 3 KB	44ms 7ms	Stylesheet text/css	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.css Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 14:10:57 GMT content-encoding gzip x-content-type-options nosniff age 71705 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2798 x-xss-protection 0 last-modified Mon, 27 Jun 2022 10:52:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/css cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 11 Jul 2023 14:10:57 GMT
GET H2	200	outstream.min.js Show response imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/ Frame B45E	354 KB 123 KB	44ms 8ms	Script text/javascript	2a00:1450:4001:808::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0e91b740e0aebfa7aeeff33dd62379b9920fd9419282ba124be588f8670fec89 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 14:10:57 GMT content-encoding gzip x-content-type-options nosniff age 71705 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 125445 x-xss-protection 0 last-modified Mon, 27 Jun 2022 10:52:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="ads-doubleclick-instream-static" vary Accept-Encoding report-to {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 11 Jul 2023 14:10:57 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/ Frame B45E	17 KB 7 KB	30ms 8ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20220707/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 09:15:54 GMT content-encoding gzip x-content-type-options nosniff age 3008 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7309 x-xss-protection 0 server cafe etag 16921397534319471551 vary Accept-Encoding, Origin content-type text/javascript; charset=UTF-8 cache-control public, max-age=1209600 timing-allow-origin * expires Tue, 26 Jul 2022 09:15:54 GMT
GET H2	204	l www.google.com/ads/measurement/ Frame B45E	0 0	37ms 15ms	Image text/html	2a00:1450:4001:829::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/ads/measurement/l?ebcid=ALh7CaSMrjEWNb_gKA5W3_UWoFfp8ZjWaFkQsPMpCrNYYDhstZwg8aZqP0aV5yRpfCfVfc2K_Ry3Doo9I33KAcXkaIFTOtWxow Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers
POST H2	204	csi csi.gstatic.com/ Frame B45E	0 327 B	76ms 28ms	Ping image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&puid=1~l5i0d56g&c=5299123956023&slotId=2649561978011.5&qqid=CNyVzYaN8_gCFZWPmgodoqMINA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	KFOlCnqEu92Fr1MmWUlfBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame B45E	15 KB 16 KB	29ms 8ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 00:12:14 GMT x-content-type-options nosniff age 35628 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15860 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Jul 2023 00:12:14 GMT
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/ Frame B45E	15 KB 16 KB	21ms 6ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Mon, 11 Jul 2022 19:07:55 GMT x-content-type-options nosniff age 53887 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 11 Jul 2023 19:07:55 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B45E	0 20 B	47ms 47ms	Image image/gif	2a00:1450:4014:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CdDsNiUfNYpytJJWf6gSix6KgA-eyjIRrgqyY2aQQmJL4h7MCEAEg2LWkB2CV4pCCoAegAeLz3-AoyAEFqQKGsHE9RMuwPqgDAcgDmwSqBIwCT9A5fN4iV4PnJoit3fnZszTEmp3spODTogBxuo4teqcVicoZtRi9DfuYqELwHGyRYsMwJkB_g5RXCDP0UVJe1z0i7Lkzqss_G9N5WHjCe4ocmyrtXYqH3I5vfLldpztGBizmBl_S-hVBE2GfJLKSkqKypiJDQmojx6bcZHcj6iacCWY5K7LODIdlAARYC2ZOqjdaUGhmCpxMCKJ9vzPZAktA2RkMBq5R2QgiN5GZlxlJU83mGcv1gdL9ozI0Ue-X8RYVDewb4tuqcLLLw_kdkYLcNwut_EFtLnIfTE783LOiZ9LpSrBXKlYXiZk5qEBbknV5RqFcBNACdZ91Bgxew7EKCY--iFEwmGjLDMAEiO2DzIUE4AQDkAYBoAZOgAfiq7DAA6gHjs4bqAeT2BuoB-6WsQKoB6EBqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA-gcTZGUuZnJlZW5ldC5pbnRlcm5ldLgIAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBPA-eMPyBOh9uvgA9gTCogUA9gUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1657620362117&ai=CdDsNiUfNYpytJJWf6gSix6KgA-eyjIRrgqyY2aQQmJL4h7MCEAEg2LWkB2CV4pCCoAegAeLz3-AoyAEFqQKGsHE9RMuwPqgDAcgDmwSqBIwCT9A5fN4iV4PnJoit3fnZszTEmp3spODTogBxuo4teqcVicoZtRi9DfuYqELwHGyRYsMwJkB_g5RXCDP0UVJe1z0i7Lkzqss_G9N5WHjCe4ocmyrtXYqH3I5vfLldpztGBizmBl_S-hVBE2GfJLKSkqKypiJDQmojx6bcZHcj6iacCWY5K7LODIdlAARYC2ZOqjdaUGhmCpxMCKJ9vzPZAktA2RkMBq5R2QgiN5GZlxlJU83mGcv1gdL9ozI0Ue-X8RYVDewb4tuqcLLLw_kdkYLcNwut_EFtLnIfTE783LOiZ9LpSrBXKlYXiZk5qEBbknV5RqFcBNACdZ91Bgxew7EKCY--iFEwmGjLDMAEiO2DzIUE4AQDkAYBoAZOgAfiq7DAA6gHjs4bqAeT2BuoB-6WsQKoB6EBqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA-gcTZGUuZnJlZW5ldC5pbnRlcm5ldLgIAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBPA-eMPyBOh9uvgA9gTCogUA9gUAdAVAfgWAYAXAQ Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	vast Show response bid.g.doubleclick.net/dbm/ Frame B45E	30 KB 17 KB	116ms 63ms	XHR text/xml	64.233.184.156 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CG2EVaF8t5I3ihlwGEUQhiIc54bNeTms70qgBJcDDlvrpo1W2tHCKdcwB4fqW_7YXUSzdvd47KUqitqNu4b3Ka_wMueg&dbm_d=AKAmf-BcutDXTy0Ne2f-Q8VTMgboq_lNQiJG_MBAizzqz2Z_GFW2SU0hwaxRXY48hVapILyoW7syPAwQlpCVfMCPkUqATlslmJ6-PBu2Tk1AFAFnMCc280IQZcOQ5MlnafZ4QSCVBwbLiq9cJnjR0WVgYFAsWHnqVUge1KCdld_fDALPhEHf-WBsg8nzxjqJXGE4pZjqEoAo6fzamNCI3GgeSsli7UJ4nVuzWAj24O7hEjKmrHYoygEaLrUXqV-C8rR_3-X8So0jjtu5JK1nDauRFXqACqU-ehnYQOeKeZOC5Ygyz49SF5tP-Xavt-YYJ-iToX4RP886gjxBYqhnCOymq24ZtNeUsdOxPW6kAKaxAcZhYtrqD8PKOBKXCt-OFkY__ZTWnQB_oBbsrgF-jZg66NkQoHsvqqIcvDdsVF3-_vu67PPY3064E_Y4_ZXfevZZwR_P7cE4WJfN3TxnxpuF9xHEaYr3D06xdHCczBWcutL2sfJai9Xg3o8NvnwyFy4BuzuLFAZauqcbuUadjTn7K3DNRWgLXpaL54pkgDRJYFo5MBOatBrXudfYtDKV_oQ4a6QtJ8YZsPl91aI30O7SMz7e33Gyh-dEmcighHKpYiDNsIcVJ73q9F5dTrA_Q2nsbgh_Kk3WPuJxuqGw06oxm9VwRur-5n11jEKs2lNX9V4O2PaAXagJKDgPAYUqlVYnGS054uMDxvZCqrC5KiNdJYVufROxkwqlOJ8AIH2vyYRGYqXocObwh06IPAwQOdP0BQ4Mwi7_tPm0PBNhKtq_bB46t56yPTI91BBbdfnGQgCx52T-88o1o-IwsrEuC_6sCDjV9FD-od-6JyQA8l3OedonIJ05g_CYPLAsZdfpDdZ6qrQo2DJGtCME4f-V1se6tsYG75JtmHYbzr65QB_cm5h8AcVSwwLVtMGO_xVKTvFFiYkRzPEXquLO9KpigXuHvy-tE3s2fQjZ2Ysgv5uxB3YCobBX4OVxtG9Pbk0byvhNYXGdesOt9eJ4fDaSQyobq9cmc3KiqbE-WxDL9WZfa39q8NavQ2_6ChLthODNMJfk4oXZRR6I-FwnTm2bu-c7sYtFZhw7WY7G-cII-IsfnZ25Mak3CUDGLcqULibrbdmSH_yzeySxod6ZwuJdU2KX4lQvK8qsFarIBvnf8K-8dPyTWVVP1ELcrPHobMonlVWSwKVgfBwnHaKF8n6Xhrlli8soC5KPrkgg5GwW40dWiWwXglRxMQLqbB6AKiVWp8NXTreI43DWDhOzb-yrDgJFgwweAJdCGw6sIELc_nkgXNojTp0zVPb1qyfSlwg1Ke-wLaEsNdqJcrtzTgVbRl5RJnZrQn3wf_F59t348Ubid06Ld74RpJ176h_TFwTidPHZP7AhfH0yRuRO3sQTL80_qEc2H4nZzwdHi5VJrQQyV4OEXx0TyYnoRkJScKD1DtYrqQsqqMZ_SqIfZw5zUBJTrvqt94SV6DWgoASruomilUMQYXSbtaOfEZ934YXw9CGnS6YEz5CEvm0RRHHgcDoYyIqcJFBaoHmDbcc_0g4XYn06xRy-jv_yiBKNuNV2z9Iu30BftA-KPO9GanokfvLlJ1X_5XcUwEcwO1r8AYV5nHz0vAAb66N6J0UcrmqENTOkzMzZCIOqnU5spksD6IH6QzffIyg0JhVrw2scwD9UrLjjn5eOY82BSu1vhK0hwSTsAIx3narF_uhbbEs1OgH6WP_wTYv2LPLtzIIXpnnijk92niHgLIl8NTZbctZabMjUafyctFsz86qwIiFgzz-RVJWPw1ikSrix2XAAWI2pOqIxYnUqKyxOyD7dQu9oMItqBQCJbxARnxb5bM2S8vNyULQg-AOvFLvBRmnEkU2FBhh2NlXvtY4jwgWGWtKMsiAdjF1omSS-CzP1kQoMNUpjbboB1OSIrjP9_0T5cP9TRmtgbhB4P9r0iSsX8Z5bdyqQ3EiMl2Edwbjo3rrx_97xjDTv6v-LEyybFI77yhhSsdQN6J73Nj0Fz53llEy69m10wGRgD_K4O3DB-Sf3TlUD5AA0dH9w-4nydaXWGyozEgAAi4kT-ZSP2tYbnftWHZ54kWYL2ROYS-mSL8lcbiaGfTw7kYf9dtfdc-_f1G8HvbiaZm-MiJ8QIYqjP23nd6C61Iy0xjO0K88LnrtFbgPbtHmlr6aHxzLZgNxiwTWHR-5UEsnDv3jJCLUp5TJJHONYpidhJi-iS6rn9pKnBxgJjqaOcpi96dBwW1CWHHwDv7eCP-g898g3pNPWKi8snjRulBMA1h6uKmg5Bn3zawuPhsl5SggE4CVBs8arSMio_lH52wnTAC9t93sFL21gc6fNQjWlpEsOFLLFTwo5Yu4ODManeAU_W-58D53sQ4MYV9hqlQ_KsGgchKLW9ZvFtuAqkAXL5YDbPglFtNlZSaiCxKIBclmsQjgJFoQRyFdO6Pcj-2Ri12Dvg28lrlhiXj6uVlBLwGWUUwH6ktZrYkunhzwkaUJQUer69IRjYAVjeqEmf8Bt-r5sOJRYyU1ZbjYQ-G5hxeeTm-71TXgg4ASj6jm2quivXXk3xJ5eDdnACY-H7VhR8WtzDoPXcRqSGTDzOWEi8fwejkpoozcMYCxnOPkQx5x4JedJgqfMfw_bLtJ12jLWxAgYbDWyM2-jJjPaOSi8GqiBuoE88vZqtiIL8Vdu5TYU878vsOU_eQUi81uLKTYpVertk6evhwT6PzBRY97KFwCM9CyoCtXejlbw9cgg7Rw9OQp8MYP9Fg0rEw6Bf9QlagN97rafXPI-nSKAd5Lp3991rHpdJXnXIwooZK6Kb2XJfbeRyuluBp5k3r-Z_El1mkHwWWmBgWyE3rtukLY0F9Lqm1buqC4Db2gZQCk4gBT9pDtsu6bJbyVrKdP_Ezxtrlkt88bvkeTtOz_lOaDL2Ck3VVDRON7Iubg488-6OgqhpsUKbk1NiSmfyCMJx-vU42hiyU1G39W38SQA9Zuwp6G4fQAWp2UUdBhR5zbrtaL9xLoLq_eUQ1_3zwRE9Zj0rf7_W8qlfYwG_0TbJP1A2JW46tW490__IGD-ZNC1tLJ8wndj29f2cgQQhS-y4KE5LLOHwY6rvRd9Y7hZdzs68Ns_Au13rhUpYBjE9viT1tJ8Z3ARygvY7onnj86h-WGsrc7trzRR_gdkJHHzgn-uRSIHxoVno-6m6zwePN3MS45Mi70ZNeSpDpHkHseXbCk9nzo28vaD9RB4OOkG7KPEKltTSWUR2AioTjYeclJBsfeKB7IFWr0_w4ZsK1WZvLzC-klJzYjwaV3_VcLLxnyQhOWXsJJD4DMTXWiFfsveUW5WRmz5kLMfCUZan8RGdOqc8A&cid=CAASJeRocQxe8_0Wy5z8Y4fkv9Tjpfh4lXUINqHwNwwuVZUssCs5qF8&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 64.233.184.156 , United States, ASN15169 (GOOGLE, US), Reverse DNS wa-in-f156.1e100.net Software cafe / Resource Hash ddad9dd94e4e4d366b1fb47ce70dba94f545872728515d879e3f91a663977fe7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 10:06:02 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16455 x-xss-protection 0 pragma no-cache server cafe content-type text/xml; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	adview googleads.g.doubleclick.net/pagead/ Frame B45E	0 0	45ms 45ms	Fetch text/html	2a00:1450:4001:803::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/adview?ai=CoSkeiUfNYpytJJWf6gSix6KgA-eyjIRrgqyY2aQQmJL4h7MCEAEg2LWkB2CV4pCCoAegAeLz3-AoyAEFqQKGsHE9RMuwPqgDAaoEiQJP0Dl83iJXg-cmiK3d-dmzNMSaneyk4NOiAHG6ji16pxWJyhm1GL0N-5ioQvAcbJFiwzAmQH-DlFcIM_RRUl7XPSLsuTOqyz8b03lYeMJ7ihybKu1diofcjm98uV2nO0YGLOYGX9L6FUETYZ8kspKSorKmIkNCaiPHptxkdyPqJpwJZjkrss4Mh2UABFgLZk6qN1pQaGYKnEwIon2_M9kCS0DZGQwGrlHZCCI3kZmXGUlTzeYZy_WB0v2jMjRR75fxFhUN7Bvi26pwspPCY-gCEJqlygBDOuyRY5L9VXFtpFPoxBjtoEog9R2ggZxF101j2MpRj0StRqtuEua0G3LbcpKu9D-38uwRwASI7YPMhQTgBAOIBfemmelBkgUGCBsQAxgBkgULCCIQAxgBSMKpxwGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB-KrsMADqAeOzhuoB5PYG6gH7paxAqgHoQGoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEPXtAxjL79POAfoHE2RlLmZyZWVuZXQuaW50ZXJuZXS4CAHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbATwPnjD8gTofbr4APYEwqIFAPYFAHQFQGAFwGyFxwKGggAEhRwdWItNzMzNzA2Njk2ODkxMjM3NhgA&sigh=ThwMTusgb6U&uach_m=[UACH]&cid=CAQSPACNIrLMWD6ufJ7Voab8Tziylvsys0rDfJbY1oXD3am-3VxNU7NBPHigkvwgvKBRpStQoeX6mddd-1pB-w&vt=10 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers timing-allow-origin * content-security-policy script-src 'none'; object-src 'none' x-content-type-options nosniff server cafe date Tue, 12 Jul 2022 10:06:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-type text/html; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3	200	cookie_push_onload.html Show response pagead2.googlesyndication.com/pagead/s/ Frame 91B3	1 KB 749 B	13ms 13ms	Document text/html	2a00:1450:4014:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 74526 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=86400 content-encoding gzip content-length 724 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Mon, 11 Jul 2022 13:23:56 GMT etag 48472445140208031 expires Tue, 12 Jul 2022 13:23:56 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET DATA	200 OK	truncated / Frame B45E	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bedce881be395f0031625f783f9bb64b2b379f36bd080ac0bc1950f77a56f564 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Content-Type image/png
GET H2	200	dpixel cms.quantserve.com/ Frame 91B3	35 B 463 B	34ms 9ms	Image image/gif	2620:116:800d:21:7eb1:3826:be7e:d981 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEEfb4I39TugHozDMylBu6g8&google_cver=1&google_push=AehlK4CWQN_ElsaO799k2Pfjo97zBoOvTIs_jbujUFtZbmAOtr5xosN5rPPO2XsPwewQB-SQWiAJ49HvemTiEp_QpXJQCNVPxeru Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8 Security Headers Name Value Strict-Transport-Security max-age=86400 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT strict-transport-security max-age=86400 p3p CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV" cache-control private, no-cache, no-store, proxy-revalidate content-type image/gif content-length 35 expires Fri, 04 Aug 1978 12:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 91B3 Redirect Chain https://d.agkn.com/pixel/2175/?google_gid=CAESEN1S3i3hteF2IYWb57UbLAA&google_cver=1&google_push=AehlK4BwK5yEmuq3C8MdT3P4iH64UJ8KZzpJpB4NOQDgBn6UkWQQfNkgK4JmL7fy98vjIKXfGtfz_DGxlEgN24hkkX5UmfMBeFwt https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BwK5yEmuq3C8MdT3P4iH64UJ8KZzpJpB4NOQDgBn6UkWQQfNkgK4JmL7fy98vjIKXfGtfz_DGxlEgN24hkkX5UmfMBeFwt&google_hm=Q0FFU0VOMVMzaTNodGVGM...	170 B 188 B	31ms 17ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BwK5yEmuq3C8MdT3P4iH64UJ8KZzpJpB4NOQDgBn6UkWQQfNkgK4JmL7fy98vjIKXfGtfz_DGxlEgN24hkkX5UmfMBeFwt&google_hm=Q0FFU0VOMVMzaTNodGVGMklZV2I1N1ViTEFB Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache Date Tue, 12 Jul 2022 10:06:01 GMT Server Apache-Coyote/1.1 P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AehlK4BwK5yEmuq3C8MdT3P4iH64UJ8KZzpJpB4NOQDgBn6UkWQQfNkgK4JmL7fy98vjIKXfGtfz_DGxlEgN24hkkX5UmfMBeFwt&google_hm=Q0FFU0VOMVMzaTNodGVGMklZV2I1N1ViTEFB Cache-Control no-cache, must-revalidate Connection keep-alive Content-Length 0 Expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	dds rtb.openx.net/sync/ Frame 91B3	43 B 350 B	44ms 22ms	Image image/gif	35.227.252.103 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://rtb.openx.net/sync/dds?google_gid=CAESEDovNdIM_nSuwRqvd2GfEbU&google_cver=1&google_push=AehlK4B-8y7zn5aDaDUk-yRbUnpoyW1rssPqORw82BY9XdN9gKkHDSzNhZm47SuzP1N6a1eUTx8KG-ho3AmBJtaDpwB_OKLi8AE Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US), Reverse DNS 103.252.227.35.bc.googleusercontent.com Software Cowboy / Resource Hash 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:01 GMT via 1.1 google server Cowboy vary Origin p3p CP="CUR ADM OUR NOR STA NID" access-control-allow-origin null access-control-expose-headers cache-control private, max-age=0, no-cache, must-revalidate access-control-allow-credentials true content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-request-id mionu8hadocr0n5nd5va2kcsbah56pse
GET H3	200	pixel cm.g.doubleclick.net/ Frame 91B3 Redirect Chain https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%... https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YWLM6ol1QIu5R4duec6V5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...	170 B 188 B	18ms 18ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YWLM6ol1QIu5R4duec6V5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Bmf2FXoAqeupbePdSvQx2hskYsmKlxCebt-ct73yvVAlmwgHwBH3cfsTPkQKPTiBA1QoCjeWbtAEG-CBqrEj0YKSZZLzS6 Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers location https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=YWLM6ol1QIu5R4duec6V5Q%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AehlK4Bmf2FXoAqeupbePdSvQx2hskYsmKlxCebt-ct73yvVAlmwgHwBH3cfsTPkQKPTiBA1QoCjeWbtAEG-CBqrEj0YKSZZLzS6 date Tue, 12 Jul 2022 10:06:02 GMT p3p CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC" content-length 0 content-type text/html; charset=UTF-8
GET H3	200	pixel cm.g.doubleclick.net/ Frame 91B3 Redirect Chain https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDjr63R7DSbydsGT4f8DXSQ&google_cver=1&google_push=AehlK4DmxDDRNQAGxgywb4Y5Xv18s7eJbxGC6c14XixlVdwjNuGVMptf0-8WdbOYUPk0bP4x3wH... https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVJMEQ1OVItNi1DUzJY&google_push=AehlK4DmxDDRNQAGxgywb4Y5Xv18s7eJbxGC6c14XixlVdwjNuGVMptf0-8WdbOYUPk0bP4x3wH78cMFf5_le3msuuz6GTDslxb5	170 B 188 B	32ms 19ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVJMEQ1OVItNi1DUzJY&google_push=AehlK4DmxDDRNQAGxgywb4Y5Xv18s7eJbxGC6c14XixlVdwjNuGVMptf0-8WdbOYUPk0bP4x3wH78cMFf5_le3msuuz6GTDslxb5 Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers Pragma no-cache P3P CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Location https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDVJMEQ1OVItNi1DUzJY&google_push=AehlK4DmxDDRNQAGxgywb4Y5Xv18s7eJbxGC6c14XixlVdwjNuGVMptf0-8WdbOYUPk0bP4x3wH78cMFf5_le3msuuz6GTDslxb5 Cache-Control no-cache,no-store,must-revalidate Content-Type text/html content-length 0 X-RPHost 3bafef7aa4e37890defcd73f0a080481 Expires 0
GET H3	200	pixel cm.g.doubleclick.net/ Frame 91B3 Redirect Chain https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGmKg-UgmN-Ut_KmmOsKSGc&google_cver=1&googl... https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGmKg-UgmN-Ut_KmmOsKSGc&google_push=Ae... https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGmKg-UgmN-Ut_KmmOsKSGc&google_hm=Ys1Hijx9xGi0SzaawKwaYgAABLEAAAIB&google_nid=index&google_push=AehlK4AF1N5jpOMBp6Ek-KFl-pFCer1gmwU38...	170 B 188 B	17ms 17ms	Image image/png	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGmKg-UgmN-Ut_KmmOsKSGc&google_hm=Ys1Hijx9xGi0SzaawKwaYgAABLEAAAIB&google_nid=index&google_push=AehlK4AF1N5jpOMBp6Ek-KFl-pFCer1gmwU38q1jppSmfry7Ed22be8v5OuL6HFk4UGRr5vM9KL_8t6FhBhamvhpf2WnGcuk2I47 Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol H3 Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ODuXv7HW0sMGrgzfUGrOu%2FRE%2BXB1YCtaP%2FWsVelunCOlAIp%2F7ld6wIk6B3IekOgyAgOIloNHO6cTTbhBbOGj2WROo1wdWroay8aYxKfL%2BWA0QOY8ltmyt%2FxABgZp9EtZZMs9iPqnZz%2BJCQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" location https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGmKg-UgmN-Ut_KmmOsKSGc&google_hm=Ys1Hijx9xGi0SzaawKwaYgAABLEAAAIB&google_nid=index&google_push=AehlK4AF1N5jpOMBp6Ek-KFl-pFCer1gmwU38q1jppSmfry7Ed22be8v5OuL6HFk4UGRr5vM9KL_8t6FhBhamvhpf2WnGcuk2I47 cache-control no-cache cf-ray 7298f6bffc41bb55-FRA alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 0 expires 0
GET		googleredir googlecm.hit.gemius.pl/ Frame 91B3	0 0
GET H2	204	attr cm.g.doubleclick.net/pixel/ Frame 91B3	0 232 B	50ms 14ms	Image text/html	142.250.185.162 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKgHIynQrdxWoJoFmmsQOsfmVXNuP5fXzGal1ymJRqAtPvaljD_DK0XZZCIIV_IyR_jtwKhw Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7337066968912376&output=html&h=280&slotname=7677518772&adk=2194637084&adf=4167012043&pi=t.ma~as.7677518772&w=1024&fwrn=4&fwrnh=100&lmt=1657620361&rafmt=1&psa=0&format=1024x280&url=http%3A%2F%2Fwww.0512s.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1657620361528&bpp=27&bdt=6123&idt=27&shv=r20220707&mjsv=m202207070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9834c4d50bac1dbc-229a5eb4cacd00a2%3AT%3D1657620355%3ART%3D1657620355%3AS%3DALNI_MYS3Y65tlPU53Cn1yK15GJj5h7G3g&prev_fmts=0x0&nras=1&correlator=8343079674113&frm=20&pv=1&ga_vid=440664164.1657620356&ga_sid=1657620356&ga_hid=1447065970&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=288&ady=1859&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531608&oid=2&pvsid=820933435191086&tmod=462058257&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=Mf5J8Ol0wn&p=http%3A//www.0512s.com&dtd=33 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.185.162 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s51-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://pagead2.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 10:06:02 GMT server HTTP server (unknown) alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 content-type text/html
GET H3	200	HdsydzJK.js Show response tpc.googlesyndication.com/sodar/ Frame B45E	41 KB 15 KB	22ms 7ms	Script text/javascript	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/HdsydzJK.js Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 08:18:39 GMT content-encoding gzip x-content-type-options nosniff age 6443 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15407 x-xss-protection 0 last-modified Tue, 03 Mar 2020 20:15:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 12 Jul 2023 08:18:39 GMT
HEAD H/1.1	200 OK	file.mp4 r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B45E Redirect Chain https://gcdn.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa... https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/acao,ctier,expire,id,ip,ipbits,ita...	0 0	63ms 6ms	Fetch video/mp4	2a00:1450:4001:17::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/795D8A875E4B9F8E4D045B813248446A7730AE58.0E7FD4257469B419EECD265FC6655994597F6CB9/key/cms1/cms_redirect/yes/mh/NL/mip/2001:ac8:20:3a00:1012:5dac:fbd3:e9c2/mm/42/mn/sn-4g5ednde/ms/onc/mt/1657620048/mv/m/mvi/1/pl/49/file/file.mp4 Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol HTTP/1.1 Server 2a00:1450:4001:17::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:06:02 GMT X-Content-Type-Options nosniff Connection close Alt-Svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 1891885 Last-Modified Tue, 05 Jul 2022 07:47:51 GMT Server gvs 1.0 Vary Origin Content-Type video/mp4 Access-Control-Allow-Origin null Access-Control-Expose-Headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms Cache-Control private, max-age=86400 Access-Control-Allow-Credentials true Accept-Ranges bytes Timing-Allow-Origin null Expires Tue, 12 Jul 2022 10:06:02 GMT Redirect headers date Tue, 12 Jul 2022 10:06:02 GMT x-content-type-options nosniff alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 666 x-xss-protection 0 pragma no-cache server ClientMapServer location https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/795D8A875E4B9F8E4D045B813248446A7730AE58.0E7FD4257469B419EECD265FC6655994597F6CB9/key/cms1/cms_redirect/yes/mh/NL/mip/2001:ac8:20:3a00:1012:5dac:fbd3:e9c2/mm/42/mn/sn-4g5ednde/ms/onc/mt/1657620048/mv/m/mvi/1/pl/49/file/file.mp4 x-frame-options SAMEORIGIN content-type text/html; charset=UTF-8 access-control-allow-origin https://googleads.g.doubleclick.net access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin https://googleads.g.doubleclick.net expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	H0ZEmIz7.html Show response tpc.googlesyndication.com/sodar/ Frame 2D0E	23 KB 9 KB	7ms 6ms	Document text/html	2a00:1450:4001:808::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 603614 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" cache-control public, max-age=31536000 content-encoding gzip content-length 8727 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Tue, 05 Jul 2022 10:25:48 GMT expires Wed, 05 Jul 2023 10:25:48 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Show response pagead2.googlesyndication.com/bg/ Frame 2D0E	36 KB 14 KB	13ms 13ms	Script text/javascript	2a00:1450:4014:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/ScuHrLJSuMz-P8UpD_WVXyUZt188tH6pyCCWmvqBSxI.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 49cb87acb252b8ccfe3fc5290ff5955f2519b75f3cb47ea9c820969afa814b12 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers date Tue, 12 Jul 2022 07:54:28 GMT content-encoding br x-content-type-options nosniff age 7894 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 13935 x-xss-protection 0 last-modified Fri, 01 Jul 2022 16:28:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 12 Jul 2023 07:54:28 GMT
GET		s pos.baidu.com/ Frame 51B2	0 0
GET H3	206	file.mp4 r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame B45E	2 MB 2 MB	18ms 7ms	Media video/mp4	2a00:1450:4001:17::6 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://r1---sn-4g5ednde.c.2mdn.net/videoplayback/id/84922b5e70a4cacb/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3801455373/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/795D8A875E4B9F8E4D045B813248446A7730AE58.0E7FD4257469B419EECD265FC6655994597F6CB9/key/cms1/cms_redirect/yes/mh/NL/mip/2001:ac8:20:3a00:1012:5dac:fbd3:e9c2/mm/42/mn/sn-4g5ednde/ms/onc/mt/1657620048/mv/m/mvi/1/pl/49/file/file.mp4 Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:17::6 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gvs 1.0 / Resource Hash aedd8a9ec798834ac01240d35d61bf08fcfd73e76b7ff4f05b7447c3e3982b5f Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://googleads.g.doubleclick.net/ Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Range bytes=0- Response headers date Tue, 12 Jul 2022 10:06:02 GMT x-content-type-options nosniff Content-Range bytes 0-1891884/1891885 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" Content-Length 1891885 expires Tue, 12 Jul 2022 10:06:02 GMT last-modified Tue, 05 Jul 2022 07:47:51 GMT server gvs 1.0 vary Origin content-type video/mp4 access-control-allow-origin https://googleads.g.doubleclick.net access-control-expose-headers Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms cache-control private, max-age=86400 access-control-allow-credentials true accept-ranges bytes timing-allow-origin https://googleads.g.doubleclick.net client-protocol quic
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 2D0E	0 20 B	50ms 49ms	Image image/gif	2a00:1450:4014:80b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Bcjf1ikfNYrmgDdSN9fgP08edkAcAAAAAOAHgBAI&bg=!YGOlYyfNAAaYcLjmuHA7ACkAdvg8WuqrmHGlY8BCqtiorzmo1-HqVhae4n6kijI4zggSH1tTScyScQIAAAB4UgAAAANoAQeZArpxF-jyYgCGK3wNJmpDXPYEHItf0ls62wjJ7CTmfjrE_OnikTDRdkX2Uk2bVhwPHLauMi-0WryxjEj7VCthsjcNYs9Q0_Cc-lgw-xSnC62qmnteq7KloULwm6V_aLJoSauv4WIBre2_o1nO3DydJljO8xBC6nZ8_lcfauLLsRe0rIAJbD2Og-C8H_GorZ3AXDKKt2QzOG8wFpswTJF3k10ddATyFPlQNDgFhTLvIn2G1XG_UT-_3UxV1QLW859oC8lis8vzkWSf3YAmvE6UOabZY_c5npEnFzdmlm-jTY9ZKpNs7TffK0lmCTWj1JMfHMBqZtTAuU1sMbFJJvcYWz_AR65C44IDTmChohV5VLxKZ7wHvklENSwlQ7fc9HsNhNkJu_aV5U3UfbySyKY1OqERbN8yPohqRLomBWonGI4-yrQgbyQEQPfJ5TSGgm0_DY76AMS5YdEYfgkbGqBO89WtT7QlKEt0-5xYU8auUXOxt2m_UhuPF78ku34jeAOxLUr_Tknz261RpE5VmOH_qW6VuK4wZ1MIStaUSpBCf6XuE9q77RsByhN9b8pirBPfZWE_gmUzN5hX_C-0qUFtuJvRMAj_kO4KoGY3O_Ycw6emSHw7HyS4l0EAwfVonBeUEpVDKQoliILjy4Ew1wtkGBGrXHlgWK8TB40b1zfCd-XFgLeiO_zm9dadX6qFU7HIU31tQ3Jp2wV4MI5sA0Ulfkmgwy2E8xreIukGheR74Hntq64o1mmnrp9dhrDjhyo3Ck_wTE6pR7EftdukTCU7ksHyH3nSbFCkvXFGWefsp1uXGu_QLgnX-9tLBikSmQzgkgPFuQ4dg3xFuB-LYe78kugkS0xZVSbwJVHKkpmbz9xIKfXuOlz_7O4QllNpe_C6BZQXQEwzIwVptG6fsLyJh0DIhZ4aV9TEOUoQxg Requested by Host: www.0512s.com URL: http://www.0512s.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4014:80b::2002 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:02 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	gkheiyj.js Show response 1.0512s.com/	11 KB 4 KB	225ms 225ms	Script text/javascript	115.231.186.133 CHINATELECOM-ZHEJ...
General Check archive.org Show headers Download Go to Full URL http://1.0512s.com/gkheiyj.js Requested by Host: 1.0512s.com URL: http://1.0512s.com/common/wrqj_x/production/t/openjs/xgx.js Protocol HTTP/1.1 Server 115.231.186.133 , China, ASN136188 (CHINATELECOM-ZHEJIANG-NINGBO-IDC NINGBO, ZHEJIANG Province, P.R.China., CN), Reverse DNS Software yunjiasu / Resource Hash 44364bbc2bfde11a30f86a3572f285be6581444ecd1b9d2e509e2d433004f1b7 Request headers accept-language de-DE,de;q=0.9 Referer http://www.0512s.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers Date Tue, 12 Jul 2022 10:06:03 GMT Content-Encoding gzip Last-Modified Tue, 24 May 2022 07:01:01 GMT Server yunjiasu YJS-CacheStatus HIT YJS-ID b75b246fb2f42b5d-111 P3p CP=" OTI DSP COR IVA OUR IND COM " Cache-Control public, max-age=14400 Connection keep-alive Content-Type text/javascript; charset=utf-8 Content-Length 4034 Expires Tue, 12 Jul 2022 14:06:03 GMT
POST H3	204	csi csi.gstatic.com/ Frame B45E	0 17 B	46ms 30ms	Ping image/gif	2a00:1450:4001:82b::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://csi.gstatic.com/csi?v=2&s=osv&puid=2~l5i0d56v&c=5299123956023&slotId=2649561978011.5&qqid=CNyVzYaN8_gCFZWPmgodoqMINA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=811&mt=video%2Fmp4&vs=360x640&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0 Requested by Host: imasdk.googleapis.com URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220627_RC00/outstream.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36 Response headers pragma no-cache date Tue, 12 Jul 2022 10:06:03 GMT last-modified Wed, 21 Jan 2004 19:51:30 GMT server Golfe2 content-type image/gif access-control-allow-origin * cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET		rs.jpg eclick.baidu.com/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

googlecm.hit.gemius.pl

URL

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEF9EsiRCLnn8SzxqsxXNqG8&google_cver=1&google_push=AehlK4CZZt4s0gpW1vpHEhiJXxgOmDM6R86iu0XxlewlhMKMrEd4j4qPxshdxmE87aNubuQxnI78DpiWIFUE8tDTMAFg4es9ktHO4w

Domain

pos.baidu.com

URL

https://pos.baidu.com/s?wid=1000&hei=30&di=u6308020&s1=2877846462&s2=3726499581&ltu=http%3A%2F%2Fwww.0512s.com%2F&dc=3&ti=%E9%AB%98%E9%80%9F%E8%B7%AF%E5%86%B5%E6%9F%A5%E8%AF%A2_%E4%BB%8A%E6%97%A5%E9%AB%98%E9%80%9F%E5%B0%81%E8%B7%AF%E6%83%85%E5%86%B5%20-%20%E9%AB%98%E9%80%9F%E5%85%AC%E8%B7%AF%E6%9F%A5%E8%AF%A2%E7%BD%91&ps=120x288&drs=3&pcs=1600x1200&pss=1600x2317&cfv=0&cpl=3&chi=2&cce=true&cec=GBK&tlm=1657620362&psr=1600x1200&par=1600x1200&pis=-1x-1&ccd=24&cja=false&cmi=4&col=en-US&cdo=-1&tcn=1657620362&dtm=HTML_POST&tpr=1657620362350&ari=2&ant=0&exps=110269,110257,110009,111000,110011&prot=2&dis=0&dai=1&dri=0&ver=0711&ecd=1&psi=63b425873498ca30&ft=1

Domain

eclick.baidu.com

URL

https://eclick.baidu.com/rs.jpg?pageSearchId=1657620363294zhvkj0lvmmr&content=%7BpgSacI%22%22672339zvjlmr%2CneUla%22tu%2Cevrnet%3A%7Btp%22%22niomn%22%22eieyaer%22%22tp%2Fww01scm%22%22aeerhd%3A1560624hk0vm%22%5D%22aeerhd%3A1560624hk0vm%22%22edpod%3Are%22niomn%22%5B%22ye%3Aevrnet%2CdlvrPgUl%3Aht%3A%2Fw.52.o%2F%2CpgSacI%22%22672339zvjlmr%7D%7D