brickshelf.com Open in urlscan Pro
2001:4838:0:1b::204 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.brickshelf.com/
Effective URL:
https://brickshelf.com/
Submission: On August 08 via api (August 8th 2023, 6:49:27 pm UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 12 domains to perform 82 HTTP transactions. The main IP is 2001:4838:0:1b::204, located in United States and belongs to QTS-ASH, US. The main domain is brickshelf.com.
TLS certificate: Issued by R3 on July 8th 2023. Valid for: 3 months.

This is the only time brickshelf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	2001:4838:0:1... 2001:4838:0:1b::204	29748 (QTS-ASH) (QTS-ASH)
18	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 3	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
4	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:1b::7	15169 (GOOGLE) (GOOGLE)
82	20

9 2001:4838:0:1b::204 (United States) 1 redirects

ASN29748 (QTS-ASH, US)

www.brickshelf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
brickshelf.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (Grosse Pointe, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.85 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:1b::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-5hnednss.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 135 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	459 KB
14	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 377 cm.g.doubleclick.net — Cisco Umbrella Rank: 244 bid.g.doubleclick.net — Cisco Umbrella Rank: 801	152 KB
9	brickshelf.com 1 redirects www.brickshelf.com brickshelf.com	31 KB
6	gstatic.com www.gstatic.com csi.gstatic.com	29 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77 imasdk.googleapis.com — Cisco Umbrella Rank: 526	135 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 633	3 KB
4	2mdn.net 1 redirects s0.2mdn.net — Cisco Umbrella Rank: 326 gcdn.2mdn.net — Cisco Umbrella Rank: 1207 r2---sn-5hnednss.c.2mdn.net — Cisco Umbrella Rank: 476582	2 MB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 265	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	169 KB
1	google.com www.google.com — Cisco Umbrella Rank: 3	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1192	608 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	2 KB
82	12

	Domain	Requested by
21	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net brickshelf.com tpc.googlesyndication.com imasdk.googleapis.com
18	pagead2.googlesyndication.com	brickshelf.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
8	brickshelf.com	brickshelf.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com brickshelf.com
4	csi.gstatic.com	imasdk.googleapis.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net brickshelf.com
2	r2---sn-5hnednss.c.2mdn.net
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	brickshelf.com
2	www.gstatic.com	googleads.g.doubleclick.net
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	brickshelf.com
1	www.brickshelf.com	1 redirects
82	21

This site contains no links.

Subject Issuer	Validity	Valid
brickshelf.com R3	`2023-07-08` - `2023-10-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-18` - `2023-08-16`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-17` - `2023-10-09`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-07-25` - `2023-10-03`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://brickshelf.com/
Frame ID: 1E75558BF856BF17075ADA4B92CB56DD
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FBrickshelf%2F176478512398674&layout=standard&show_faces=false&width=200&action=like&colorscheme=light&height=50
Frame ID: E6CE24396EAD18E9620F64AB35696C9A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20190131/zrt_lookup.html
Frame ID: 9A523082E60DFBC182562B9EEEFFB7A0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1803902625235027&output=html&adk=1812271804&adf=3025194257&lmt=1691520563&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x540_l%7C356x540_r&format=0x0&url=https%3A%2F%2Fbrickshelf.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691520563298&bpp=3&bdt=153&idt=238&shv=r20230807&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7805947434319&frm=20&pv=2&ga_vid=1807896447.1691520564&ga_sid=1691520564&ga_hid=1985431233&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076688%2C31076805%2C31076830%2C31076318&oid=2&pvsid=1468992657299805&tmod=1477002165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255
Frame ID: 189D22C234E2DF335C52C3D46A591556
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1
Frame ID: 151641718ABE9A5FABAF50AD5ED30BD9
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1
Frame ID: 7C2671C424D7D6E44476BDA87F02D3F1
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1
Frame ID: 41897EC92AA227E508DD5C6A8FC7CC56
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1
Frame ID: D9953F8DD6EF479E19DF2984ED84C172
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2i2dcEEMbt9-UEGJXn7fABMAE&v=APEucNU6T_zGzpzXgstoXcZUy9W6JI4geRGgAHmSCKXispSliFyYdshP18-RJe3IHBl7HiyOMeWDJHO6Z19oXNnnjSQ8HYyff99CwPKMG8P6cvrgHG47gkh1qrImgs2HIV23oJ8KUjmCQSj5b7BUfba5WIacQL46G7yE8Zx5TlBiRukzmXEpEhU
Frame ID: 7D68E9B5B7FFF6F106FFAB84AB1D8EB5
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js
Frame ID: C13A721C556A439CD5105CEF154CD01E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5E0BDB25F2B30AB2A61ED8A181DF5A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0EB5BC69EB14C937CCD93BABA87D8C26
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 82C39C33EE77F4EC2ADD35763BBEC8E9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js
Frame ID: 568E6C1AB42F9B0F32D1DEFB7AB28F09
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C78FEFC3F84C98BE034455080835C673
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Frame ID: 3B13C20C404CB43DC3DAED3AA8640423
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js
Frame ID: 14D059B98BC028692F4EB7275FC428A8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Brickshelf

Page URL History Show full URLs

http://www.brickshelf.com/ HTTP 301
https://brickshelf.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Page Statistics

82
Requests

94 %
HTTPS

75 %
IPv6

12
Domains

21
Subdomains

20
IPs

4
Countries

3180 kB
Transfer

5109 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.brickshelf.com/ HTTP 301
https://brickshelf.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnavRCMxSlD-2Ak8rJY6kw&google_cver=1

Request Chain 57

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNKONS2zkLro.m8AsAi7qAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnavRCMxSlD-2Ak8rJY6kw&google_cver=1&google_hm=2

Request Chain 58

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEHfAb4hzPtAYZsa_17Rso9w&google_cver=1

Request Chain 59

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2MjEyMDc5NDAzODA5NzAzNg%3D%3D

Request Chain 72

https://gcdn.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723056565/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/2B05145F3A387061BFD1C4D4107F1B19E402AD3E.82BB42F6D836D61291512C9395A8A38231A4C362/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-5hnednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723056565/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21E92C1076EAC13AB4F050B27A5878596BE5D3A2.0D2494E4E0C77FAA480E8553763446D6DE0FB978/key/cms1/cms_redirect/yes/mh/xb/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5hnednss/ms/onc/mt/1691520074/mv/m/mvi/2/pl/58/file/file.mp4

82 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
brickshelf.com/
Redirect Chain

http://www.brickshelf.com/
https://brickshelf.com/

8 KB
8 KB

725ms
115ms

Document
text/html

2001:4838:0:1b::204
QTS-ASH

General

Check archive.org

Show headers Download Go to

Full URL: https://brickshelf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:4838:0:1b::204 , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd /
Resource Hash: 770d11e661ef87f130fb81db0c45587c84b6a9e4951fcde4372950bcf39dcbe0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-control: no-cache
Connection: Keep-Alive
Content-Type: text/html
Date: Tue, 08 Aug 2023 18:49:23 GMT
Expires: 0
Keep-Alive: timeout=5, max=100
Pragma: no-cache
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd
Transfer-Encoding: chunked

Redirect headers

Connection: Keep-Alive
Content-Length: 231
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 08 Aug 2023 18:49:22 GMT
Keep-Alive: timeout=5, max=100
Location: https://brickshelf.com/
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
50 KB 114ms
77ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e53cbdc5b72a38b203ea1f6d709cb437bfb82d50f14f2ae86e50b73b74146f6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50646
x-xss-protection: 0
server: cafe
etag: 6421560988779505093
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:49:23 GMT

GET
H/1.1 200
OK bsicon.gif
brickshelf.com/images/ 800 B
1 KB 93ms
93ms Image
image/gif 2001:4838:0:1b::204
QTS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brickshelf.com/images/bsicon.gif
Requested by: Host: brickshelf.com
URL: https://brickshelf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:4838:0:1b::204 , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd /
Resource Hash: 5b5727c13749386cf05296d1b4108cd1884a744abc78304db6122beb5ad16fb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:49:23 GMT
Last-Modified: Sat, 05 Feb 2000 23:54:10 GMT
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd
ETag: "320-35fd558a4cc80"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 800

GET
H/1.1 200
OK 3_prog_tc6_pic1.png_thumb.jpg
brickshelf.com/gallery/A77/Prog3TC6Remake/thumb/ 3 KB
3 KB 95ms
94ms Image
image/jpeg 2001:4838:0:1b::204
QTS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brickshelf.com/gallery/A77/Prog3TC6Remake/thumb/3_prog_tc6_pic1.png_thumb.jpg
Requested by: Host: brickshelf.com
URL: https://brickshelf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:4838:0:1b::204 , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd /
Resource Hash: 2e64c0abdf0ef194a336a826b2714a5f1aee05a84e549e5eef06c2855231c652

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:49:23 GMT
Last-Modified: Sun, 30 Jul 2023 16:40:26 GMT
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd
ETag: "c74-601b6f8915c38"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 3188

GET
H/1.1 200
OK jacaranda_silent_soldier__angle.jpg_thumb.jpg
brickshelf.com/gallery/Mantisking/Mechaton/Copies/Jacaranda/SilentSoldier/thumb/ 3 KB
4 KB 188ms
93ms Image
image/jpeg 2001:4838:0:1b::204
QTS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brickshelf.com/gallery/Mantisking/Mechaton/Copies/Jacaranda/SilentSoldier/thumb/jacaranda_silent_soldier__angle.jpg_thumb.jpg
Requested by: Host: brickshelf.com
URL: https://brickshelf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:4838:0:1b::204 , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd /
Resource Hash: eb4c27d87e579484a80e7068ade3e23c9fb5ac91a219efd3140097f522efd2ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:49:23 GMT
Last-Modified: Sun, 16 Jul 2023 04:19:36 GMT
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd
ETag: "d23-60092fd5ab475"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3363

GET
H/1.1 200
OK 20210402_115942.jpg_thumb.jpg
brickshelf.com/gallery/rekok/Mindstorms/thumb/ 4 KB
4 KB 264ms
93ms Image
image/jpeg 2001:4838:0:1b::204
QTS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brickshelf.com/gallery/rekok/Mindstorms/thumb/20210402_115942.jpg_thumb.jpg
Requested by: Host: brickshelf.com
URL: https://brickshelf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:4838:0:1b::204 , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd /
Resource Hash: f075556268f775b48443b1808a158384ff049478273aa294284eaf9f1d121ef5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:49:23 GMT
Last-Modified: Sat, 08 Jul 2023 17:11:29 GMT
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd
ETag: "f09-5fffcd720f717"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3849

GET
H/1.1 200
OK greatmaccao_cover.png_thumb.jpg
brickshelf.com/gallery/pikminjake/MonsterHunter/Maccao/thumb/ 4 KB
5 KB 280ms
93ms Image
image/jpeg 2001:4838:0:1b::204
QTS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brickshelf.com/gallery/pikminjake/MonsterHunter/Maccao/thumb/greatmaccao_cover.png_thumb.jpg
Requested by: Host: brickshelf.com
URL: https://brickshelf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:4838:0:1b::204 , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd /
Resource Hash: e786c45b89aea595d201965d38449e833db046aca0ed3c147fa5c94e08f8a79e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:49:23 GMT
Last-Modified: Wed, 26 Jul 2023 19:49:29 GMT
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd
ETag: "112d-60169254da16f"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4397

GET
H/1.1 200
OK 1.png_thumb.jpg
brickshelf.com/gallery/FalconsLord/MyCastleProject/KoferdianEmpire/KoferdianNavy/HMSDraken/thumb/ 2 KB
3 KB 281ms
94ms Image
image/jpeg 2001:4838:0:1b::204
QTS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brickshelf.com/gallery/FalconsLord/MyCastleProject/KoferdianEmpire/KoferdianNavy/HMSDraken/thumb/1.png_thumb.jpg
Requested by: Host: brickshelf.com
URL: https://brickshelf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:4838:0:1b::204 , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd /
Resource Hash: 6269bf2da19aa47caf068f998e30c3d102a460c1c0fb68cf05f35ecbf73c5c10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:49:23 GMT
Last-Modified: Fri, 21 Jul 2023 12:13:32 GMT
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd
ETag: "8cb-600fe3180d60a"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2251

GET
H/1.1 200
OK jacaranda__angle.jpg_thumb.jpg
brickshelf.com/gallery/Mantisking/Mechaton/Copies/Jacaranda/thumb/ 3 KB
3 KB 155ms
93ms Image
image/jpeg 2001:4838:0:1b::204
QTS-ASH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://brickshelf.com/gallery/Mantisking/Mechaton/Copies/Jacaranda/thumb/jacaranda__angle.jpg_thumb.jpg
Requested by: Host: brickshelf.com
URL: https://brickshelf.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2001:4838:0:1b::204 , United States, ASN29748 (QTS-ASH, US),
Reverse DNS
Software: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd /
Resource Hash: 65d8a4efd998a20e2622dd7d263b49891e9ac7f9e7c7049faf157138a26a3b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:49:23 GMT
Last-Modified: Sun, 16 Jul 2023 13:43:06 GMT
Server: Apache/2.4.46 (FreeBSD) OpenSSL/1.1.1l-freebsd
ETag: "b35-6009adc9a60c6"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2869

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame E6CE 0
2 KB 56ms
38ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FBrickshelf%2F176478512398674&layout=standard&show_faces=false&width=200&action=like&colorscheme=light&height=50

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 08 Aug 2023 18:49:23 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: XHhcL5XCgKKWLBZpBiV6vaF6deWfVKus7fu2/aXeA5wMZuu5HNlGsTwgIJj3gRTGVRK6UDYRxMX6Ca1+4RRsmw==
x-xss-protection: 0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/ 372 KB
126 KB 87ms
85ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1803902625235027&plah=brickshelf.com&bust=31076830

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

07acef684b6b3e25852c216204375f8def11e9a93ef3bba3402fb8f621377929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128314
x-xss-protection: 0
server: cafe
etag: 17057836880436619723
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:49:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230807/r20190131/ Frame 9A52 10 KB
5 KB 47ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230807/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 66936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 00:13:47 GMT
etag: 12368291122986407432
expires: Tue, 22 Aug 2023 00:13:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
608 B 72ms
22ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=brickshelf.com&callback=_gfp_s_&client=ca-pub-1803902625235027

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1803902625235027&plah=brickshelf.com&bust=31076830

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a30983f29e3d41483cfb0127610f9b46e689f23309f0b34fc6453c41304225aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 189D 534 KB
111 KB 1196ms
1196ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1803902625235027&output=html&adk=1812271804&adf=3025194257&lmt=1691520563&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=356x540_l%7C356x540_r&format=0x0&url=https%3A%2F%2Fbrickshelf.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1691520563298&bpp=3&bdt=153&idt=238&shv=r20230807&mjsv=m202308030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7805947434319&frm=20&pv=2&ga_vid=1807896447.1691520564&ga_sid=1691520564&ga_hid=1985431233&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759926%2C44759875%2C44759842%2C31076688%2C31076805%2C31076830%2C31076318&oid=2&pvsid=1468992657299805&tmod=1477002165&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=255

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

079453eb054763cefea245654f25a28afc9f340568a06457439426a973cff9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 113830
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 18:49:24 GMT
expires: Tue, 08 Aug 2023 18:49:24 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 90ms
61ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230807&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08b0f1d846e718fa3b2fff0c20af225043318cafa49592a1575f725a1b8b20b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11627
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/ 154 KB
52 KB 88ms
88ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308030101/reactive_library_fy2021.js?bust=31076830

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c94a219e342f7d1e8918fe6a9964f7d804cbe570878cd2613a929cddb3cbcc86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:24 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53654
x-xss-protection: 0
server: cafe
etag: 3396520292821968401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:49:24 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 56ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 08 Aug 2023 18:49:24 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/ Frame 1516 10 KB
4 KB 15ms
15ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 19:50:48 GMT
etag: 12368291122986407432
expires: Mon, 21 Aug 2023 19:50:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/ Frame 7C26 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 19:50:48 GMT
etag: 12368291122986407432
expires: Mon, 21 Aug 2023 19:50:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/ Frame 4189 10 KB
4 KB 13ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 19:50:48 GMT
etag: 12368291122986407432
expires: Mon, 21 Aug 2023 19:50:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/ Frame D995 10 KB
4 KB 14ms
13ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 82716
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4544
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 19:50:48 GMT
etag: 12368291122986407432
expires: Mon, 21 Aug 2023 19:50:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 1516 4 KB
1 KB 63ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 18:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 18:07:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/elements/html/ Frame 1516 15 KB
7 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 03:14:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6416
x-xss-protection: 0
server: cafe
etag: 10587074671346547413
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 03:14:28 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/elements/html/ Frame 1516 20 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 22:30:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8604
x-xss-protection: 0
server: cafe
etag: 15357628606984112601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 22:30:05 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7C26 4 KB
705 B 60ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 18:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 17:07:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 7C26 2 KB
973 B 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:07:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/ Frame 7C26 23 KB
9 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:07:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 7C26 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:51:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 14:51:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 7C26 20 KB
8 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:04:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C26 179 KB
57 KB 813ms
763ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 7C26 33 KB
14 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4189 4 KB
705 B 51ms
23ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 18:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 17:55:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 4189 2 KB
926 B 14ms
12ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:07:21 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/ Frame 4189 23 KB
9 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34923
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:07:21 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 4189 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:51:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 14:51:55 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 4189 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:04:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4189 179 KB
56 KB 837ms
796ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H2 200 57adb899ea29f9dbe2017a856681fc42.js Show response
www.gstatic.com/mysidia/ Frame 4189 33 KB
14 KB 41ms
17ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/57adb899ea29f9dbe2017a856681fc42.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 12:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 366622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14152
x-xss-protection: 0
last-modified: Mon, 31 Jul 2023 19:53:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 02 Nov 2023 12:59:03 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 7D68 624 B
246 B 64ms
56ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2i2dcEEMbt9-UEGJXn7fABMAE&v=APEucNU6T_zGzpzXgstoXcZUy9W6JI4geRGgAHmSCKXispSliFyYdshP18-RJe3IHBl7HiyOMeWDJHO6Z19oXNnnjSQ8HYyff99CwPKMG8P6cvrgHG47gkh1qrImgs2HIV23oJ8KUjmCQSj5b7BUfba5WIacQL46G7yE8Zx5TlBiRukzmXEpEhU

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 18:49:25 GMT
expires: Tue, 08 Aug 2023 18:49:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230803/r20110914/ Frame C13A 23 KB
9 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:42:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:42:07 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230803/r20110914/elements/html/ Frame C13A 7 KB
3 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230803/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

289eaaf84993733e50b752db0ff63b63cf9639c5b36df0b08bbe73054a5ebdba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 21:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3041
x-xss-protection: 0
server: cafe
etag: 10703168227084058840
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 21 Aug 2023 21:42:31 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C13A 0
0 104ms
49ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzNGM9kGnzeEtxNGO7OZEdV9WCksdvnI1YvYGo5UNz6aW0lHp9lLxhF1h3Zglp5xFVfAgsSv63l4R5Mgu_NDUuqkVEJjFoldDBNihnH5igoJQ9r8FzQtjSzgX1vkd1nOdvSF_MgGdzE75uCjw1FzqaKfpZyHV8j0MYnJbkcC98CtPxbVQTt73iF0aNPDGVSgk17DSj3VXMPVX4-yoAsR76BSFhJRyGWf7s4FfVwaeqh5JIldHPR7UqFHL4p165IM_eMu-6WEE08vmH4V6Uubhl0WAIZDlil0FUpLgkfIx6kni6gE60qAMoEXkrtcq2f_eT-xpItZx65z7791jMF0YBj_NNGOAfsmGFkuOMHTAdy4Zkhps3VVZ0Nwskai7oac4jAi5KmmwB0jHoFW2Btg7Kj33HandGKH08V-66Dz6_L9e3Hnlmtdyo44DcE-MkdcLHuoW0EWURxOs0F1vfj7EU4OLh3ERqSjJSHGFlO6ZL_edOb66ETRnL9tNIWWOifaSUzA398IbnPnHXobvdtaUb7qp2F-MJkFH4Ro47Y-14o3RLfJRpmUcNUltDJcNl1cHm3fgH9RQiWWRGc1qVHmLjMBgnsP9FBVLqwawQBQaTjfm6pF3LQxYs25eNec3IIaLwTKZRQMvmUmN1wSNP70IH2ByZ_EeRAmTBK7TIHZ3_ZtN5GM8Qdo4IA-s-Jc_llzK0Yj5zf7SNwx0mxL16dsXvEcm2zqmvzOsOSj8PLlNGms4GL6jG2UZfnV4WuUbwSDixB6YOUi2nQkyHmV5EE0JjR7AkHDBiVLpYsQRf_wN1BS5F3Y6QClAT3b6AuptiqLuRmqqesBmFCmkuhodipvzehlpgZryzGIpJqTMC5eAiyg_VmHh3Irh57m7sbpe3jiczCbsh5g5vP7dgM7WLdRPVMw_1Rcd9QlkPwZetGW6SPueC4j_nNZ3EQf7HccuLECFf4bbPYZM80IiIlJ4EB5z9PXq9vYffVxFH41l1vSRBhIWurEldSeyVYWs-KrWy99C-EG6eiZ2QPhChdb7VIC6OCdeUxCR2qF5-9hXybnxwPT0VctfPq1dxR28Rdd3WIAO4YHaSUFxfSo-VtgOb7EOBGDUespSG93JwDwc3uhphUy0i7ip6jfeJgRIyqWnbzetLG-HjsQoc_9po0qTiZ1rxAEBqZiivoYG6m_AHNTI&sai=AMfl-YReMAeICjiwXtBVHa5MlCB414Mr-LjUEOJFTebh6uSq6_4iVB6N7FBEHIK1Bjt4Q0FdWYopaqW66kbPz539wv2PLPM-cwEskt3F9KzAuhXF-Ajw8rIG-XMcEu9ILry1IjC2VPBuvlXDFaV5fwSSTUmEOmKoRMwuuHuxb4LtJf0Le3gERvFQ7ROVmNYvVinjAvbxpGdKb8BPgE6RvXfOa5NOtGMuyZ_uSsiHwJqypUgi-PzadA&sig=Cg0ArKJSzEMCGDMIS4WuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230803.30274&arae=0&ftch=1&adurl=

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 08 Aug 2023 18:49:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C13A 41 KB
13 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Mon, 07 Aug 2023 19:26:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 84177
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Aug 2024 19:26:28 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame C13A 3 KB
1 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/window_focus_fy2021.js

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 14:51:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14250
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 14:51:55 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame C13A 20 KB
8 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:04:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C13A 179 KB
56 KB 835ms
814ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57420
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1691408699217355"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C13A 42 B
63 B 112ms
112ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BCU2HJBrjsNSELyK-4IJiNoeiMUFdfPkL_4JkaHAa9aFkvJ2Za90JEhway98erY02gdZWVZ5niXX6BKlKMiga9KDDDhc8Y6et50CTZsuMCNu26aJI

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10729492514797100780
s0.2mdn.net/simgad/ Frame C13A 32 KB
32 KB 80ms
23ms Image
image/jpeg 2a00:1450:4001:809::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/10729492514797100780

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b82a7615b78d0ee6772f03ed497eaa4f0cb02cf24a0a133488af4fd784912e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 12:29:38 GMT
x-content-type-options: nosniff
age: 22787
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32501
x-xss-protection: 0
last-modified: Fri, 14 Jul 2023 18:03:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 07 Aug 2024 12:29:38 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5E0 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 73
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 18:48:12 GMT
expires: Wed, 07 Aug 2024 18:48:12 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0EB5 783 B
1 KB 92ms
34ms Document
text/html 2a00:1450:4001:81c::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55aeaef55cbcba42f2e080df104d197b553851b348da61ea2a03b982e77d5eb6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DZ-yU-gKlhSdXBmtV_DWXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://brickshelf.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-DZ-yU-gKlhSdXBmtV_DWXw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 18:49:25 GMT
expires: Tue, 08 Aug 2023 18:49:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame C13A 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df1f8f3481046378631e82cead0677806354c576a364c31e3f64f776d6f5b388

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 82C3 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 10290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 08 Aug 2023 15:57:55 GMT
expires: Wed, 07 Aug 2024 15:57:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/ Frame 568E 23 KB
9 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:07:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34924
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9098
x-xss-protection: 0
server: cafe
etag: 16188647127460483431
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:07:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 568E 8 KB
823 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 08 Aug 2023 18:49:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 08 Aug 2023 17:06:56 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame 568E 15 KB
3 KB 52ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Fri, 04 Aug 2023 07:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 385661
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2920
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 03 Aug 2024 07:41:44 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/ Frame 568E 375 KB
129 KB 53ms
17ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 05:43:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306346
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131779
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 17:29:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 05:43:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/ Frame 568E 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230803/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 09:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 35075
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8261
x-xss-protection: 0
server: cafe
etag: 3571037177597359341
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 22 Aug 2023 09:04:50 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7D68
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnavRCMxSlD-2Ak8rJY6kw&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnavRCMxSlD-2Ak8rJY6kw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2i2dcEEMbt9-UEGJXn7fABMAE&v=APEucNU6T_zGzpzXgstoXcZUy9W6JI4geRGgAHmSCKXispSliFyYdshP18-RJe3IHBl7HiyOMeWDJHO6Z19oXNnnjSQ8HYyff99CwPKMG8P6cvrgHG47gkh1qrImgs2HIV23oJ8KUjmCQSj5b7BUfba5WIacQL46G7yE8Zx5TlBiRukzmXEpEhU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 18:49:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnavRCMxSlD-2Ak8rJY6kw&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 7D68
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZNKONS2zkLro.m8AsAi7qAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnavRCMxSlD-2Ak8rJY6kw&google_cver=1&google_hm=2

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnavRCMxSlD-2Ak8rJY6kw&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2i2dcEEMbt9-UEGJXn7fABMAE&v=APEucNU6T_zGzpzXgstoXcZUy9W6JI4geRGgAHmSCKXispSliFyYdshP18-RJe3IHBl7HiyOMeWDJHO6Z19oXNnnjSQ8HYyff99CwPKMG8P6cvrgHG47gkh1qrImgs2HIV23oJ8KUjmCQSj5b7BUfba5WIacQL46G7yE8Zx5TlBiRukzmXEpEhU
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 08 Aug 2023 18:49:25 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENnavRCMxSlD-2Ak8rJY6kw&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 7D68
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEHfAb4hzPtAYZsa_17Rso9w&google_cver=1

43 B
842 B

7ms
7ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEHfAb4hzPtAYZsa_17Rso9w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ2i2dcEEMbt9-UEGJXn7fABMAE&v=APEucNU6T_zGzpzXgstoXcZUy9W6JI4geRGgAHmSCKXispSliFyYdshP18-RJe3IHBl7HiyOMeWDJHO6Z19oXNnnjSQ8HYyff99CwPKMG8P6cvrgHG47gkh1qrImgs2HIV23oJ8KUjmCQSj5b7BUfba5WIacQL46G7yE8Zx5TlBiRukzmXEpEhU

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
an-x-request-uuid: 64899d35-80d6-4615-8181-ba49514fae7b
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 178.162.209.138; 178.162.209.138; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEHfAb4hzPtAYZsa_17Rso9w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7D68
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2MjEyMDc5NDAzODA5NzAzNg%3D%3D

170 B
188 B

28ms
27ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2MjEyMDc5NDAzODA5NzAzNg%3D%3D

Requested by

Protocol

Server

142.250.185.194 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
an-x-request-uuid: 8500cb3e-6b40-4c13-96de-4ab6f676da7a
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQ2MjEyMDc5NDAzODA5NzAzNg%3D%3D
x-proxy-origin: 178.162.209.138; 178.162.209.138; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 0Hra_cK1xmatTaZ7_Fox9IQH0EoW0oMPpjwxxKW34xk.js Show response
pagead2.googlesyndication.com/bg/ Frame A5E0 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0Hra_cK1xmatTaZ7_Fox9IQH0EoW0oMPpjwxxKW34xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07adafdc2b5c666ad4da67bfc5a31f48407d04a16d2830fa63c31c4a5b7e319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14547
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 05:03:30 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 82C3 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 18:24:54 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C13A 0
0 49ms
49ms Fetch
image/gif 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvzNGM9kGnzeEtxNGO7OZEdV9WCksdvnI1YvYGo5UNz6aW0lHp9lLxhF1h3Zglp5xFVfAgsSv63l4R5Mgu_NDUuqkVEJjFoldDBNihnH5igoJQ9r8FzQtjSzgX1vkd1nOdvSF_MgGdzE75uCjw1FzqaKfpZyHV8j0MYnJbkcC98CtPxbVQTt73iF0aNPDGVSgk17DSj3VXMPVX4-yoAsR76BSFhJRyGWf7s4FfVwaeqh5JIldHPR7UqFHL4p165IM_eMu-6WEE08vmH4V6Uubhl0WAIZDlil0FUpLgkfIx6kni6gE60qAMoEXkrtcq2f_eT-xpItZx65z7791jMF0YBj_NNGOAfsmGFkuOMHTAdy4Zkhps3VVZ0Nwskai7oac4jAi5KmmwB0jHoFW2Btg7Kj33HandGKH08V-66Dz6_L9e3Hnlmtdyo44DcE-MkdcLHuoW0EWURxOs0F1vfj7EU4OLh3ERqSjJSHGFlO6ZL_edOb66ETRnL9tNIWWOifaSUzA398IbnPnHXobvdtaUb7qp2F-MJkFH4Ro47Y-14o3RLfJRpmUcNUltDJcNl1cHm3fgH9RQiWWRGc1qVHmLjMBgnsP9FBVLqwawQBQaTjfm6pF3LQxYs25eNec3IIaLwTKZRQMvmUmN1wSNP70IH2ByZ_EeRAmTBK7TIHZ3_ZtN5GM8Qdo4IA-s-Jc_llzK0Yj5zf7SNwx0mxL16dsXvEcm2zqmvzOsOSj8PLlNGms4GL6jG2UZfnV4WuUbwSDixB6YOUi2nQkyHmV5EE0JjR7AkHDBiVLpYsQRf_wN1BS5F3Y6QClAT3b6AuptiqLuRmqqesBmFCmkuhodipvzehlpgZryzGIpJqTMC5eAiyg_VmHh3Irh57m7sbpe3jiczCbsh5g5vP7dgM7WLdRPVMw_1Rcd9QlkPwZetGW6SPueC4j_nNZ3EQf7HccuLECFf4bbPYZM80IiIlJ4EB5z9PXq9vYffVxFH41l1vSRBhIWurEldSeyVYWs-KrWy99C-EG6eiZ2QPhChdb7VIC6OCdeUxCR2qF5-9hXybnxwPT0VctfPq1dxR28Rdd3WIAO4YHaSUFxfSo-VtgOb7EOBGDUespSG93JwDwc3uhphUy0i7ip6jfeJgRIyqWnbzetLG-HjsQoc_9po0qTiZ1rxAEBqZiivoYG6m_AHNTI&sai=AMfl-YReMAeICjiwXtBVHa5MlCB414Mr-LjUEOJFTebh6uSq6_4iVB6N7FBEHIK1Bjt4Q0FdWYopaqW66kbPz539wv2PLPM-cwEskt3F9KzAuhXF-Ajw8rIG-XMcEu9ILry1IjC2VPBuvlXDFaV5fwSSTUmEOmKoRMwuuHuxb4LtJf0Le3gERvFQ7ROVmNYvVinjAvbxpGdKb8BPgE6RvXfOa5NOtGMuyZ_uSsiHwJqypUgi-PzadA&sig=Cg0ArKJSzEMCGDMIS4WuEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=91&vt=11&dtpt=90&dett=2&cstd=0&cisv=r20230803.30274&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f194.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:25 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 08 Aug 2023 18:49:25 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0EB5 0
0 112ms
111ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230807&jk=1468992657299805&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 568E 0
234 B 49ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~ll2no59t&c=3079768050246&slotId=1539884025123&qqid=CM-7y5LdzYADFYROHgId2v0KjQ&fb=outstream-lima&sei=44730425%2C44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 568E 0
20 B 116ms
116ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CD4MYM47SZI_WJISd-cAP2vur6AiezeSvcYDPsYe4Ec_mor3AARABIKiF_QFglZKugrQHyAEFqQITD9A53FuyPqgDAcgDmwSqBOIBT9Ato5XEUpKiBrTAzeKY50x0M35tpQwN4wqdSx1L6TpXg_zHAF6kXOfnBO4-FosH0Y2n80FppglHywVr1xcymAlupOo6Xu4-GNYRlbI3i6pYllT0rCwbOd4TghbGM-S4HC00BXIHJlpQQPkAKEbmmCiDObhSY_4nhfHYJnlxp915zdkoEnviSYjNj2MFyKMn8LrtrZFm72OtSgxs3RjjzDe7deDDNZrs3q-pjMWC5QkpR-Ml03irIVF6bhRXrcoWHSfxhATh99Drt9IfiNAmpQCGR-95m6MTeh6SAc_rrUC3f8AE2MCJgbME4AQDkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwIKgYKBMOwsQKwE-eOmBTIE7SdleMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF&eventType=clickstring&clientTime=1691520565175&ai=CD4MYM47SZI_WJISd-cAP2vur6AiezeSvcYDPsYe4Ec_mor3AARABIKiF_QFglZKugrQHyAEFqQITD9A53FuyPqgDAcgDmwSqBOIBT9Ato5XEUpKiBrTAzeKY50x0M35tpQwN4wqdSx1L6TpXg_zHAF6kXOfnBO4-FosH0Y2n80FppglHywVr1xcymAlupOo6Xu4-GNYRlbI3i6pYllT0rCwbOd4TghbGM-S4HC00BXIHJlpQQPkAKEbmmCiDObhSY_4nhfHYJnlxp915zdkoEnviSYjNj2MFyKMn8LrtrZFm72OtSgxs3RjjzDe7deDDNZrs3q-pjMWC5QkpR-Ml03irIVF6bhRXrcoWHSfxhATh99Drt9IfiNAmpQCGR-95m6MTeh6SAc_rrUC3f8AE2MCJgbME4AQDkAYBoAZ2gAfYjuu-AqgH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGB8yAqoCOgKAQEi9_cE6gAoByAsB4AsBgAwBogwIKgYKBMOwsQKwE-eOmBTIE7SdleMD0BMA2BMKiBQE2BQB0BUB-BYBgBcB6BcF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 568E 0
54 B 42ms
18ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~ll2no5a0&c=3079768050246&slotId=1539884025123&qqid=CM-7y5LdzYADFYROHgId2v0KjQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.198&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 568E 29 KB
17 KB 104ms
52ms XHR
text/xml 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DfmRnV1bQjFq7JtfnHw7-dhPran8ryQiH-eBLpslH6IU2eovoNvwUhBZixeav2zrmw_KlpwbIoUIHr6hS1pWHTHNXGnQ&cry=1&dbm_d=AKAmf-CLWWJbW8wiPU5a1QYEgez4wOpx3qkjlUyUFpsc21VAqfmdcFL8tP6T4z38AQbdmzuvLCiFZzRK006__YCoRFl1cbcSl4sHafrl3gTJAwrCtLW05vIjS1Y9qwAQujQY5mtLYlQRdLVfSXVv5DVUm027EVsQk-lygQ0yKUNqjTNym1l_AYu-HRtSvVxfsfq8kmu1qUQamvzmbHw29O1uIX3uYjaM2yo4mxoK7j2hpSGnpDw0yAQ2eTuvQSk4XrS2N6J7qsKJGBwkaY4MFE9MuWbrrjppFmHVjistoThXNT9li0HN7iD82cg_oYs1vfdMxOJY_FHkbZ6I3kr5PL8HVXX3rDJRSbHj_0-Mhp-Foo8xYN18jkFe6qC_RRzwugnrarOpV85GBF0Z566IgYruESBqj_2km3Q1a_T3iSSE2oSTRJc5qrK-E9oHAaaw4VRGsjq3NnQxB-oxQQLXS0-wijV_oseRvrCyhgSJbIpVjLi2SGNP7K-2ZrjsHc9C4HuzmzUkcOedNg0OhCvoJfWgKfUs7QHAXbHaaQSdEIGGtDdpwM6DzbYNlqj0ARxxcFJMSYijHBBQguNZldWOeGBoyTF-TNPsZg8X4g13Nj23jas5wLiL4ZqaqXs1aeEuDr8RNZ75OofNQ5421Y7DVPm-zGgYLQzIgXkq43uOgsuKId2o69qRpuhC9GdA0pXnPTIup40tHFLI7lnQgkl7GTiiySZhdxS7DHTzGyo4SbABUE3v8PRexRoiBHXtOQWw22z53qASx-7vVTuxktFJCni61VVq3J3D4DE-ilYiuTzsayzxAVzkYbvCBacWz_wVld5Yo0RYwxqBLuuZyj8rRL3t7hYcotSuIUqeU7hmO9Vpl3LkRZ8uKkPqtWpcreguvHwiWDhAx3aKUFWU7x0sMClk9Gbxu82YYfhu8PxzPEh4xy0RZ2VlhHeadK1lKmsoZJZFo9ZnKQpgD0eF0WFB-YpU82V3Ps7YsnYRhl4LaZO-LjIASxvopjjLxsEccZM3Il9OmvImfXUKl1orbEJM0A3927RapVOSYdQAYojfbThwELSxWl92PZ-QHms12r-AeSKzkQpFkGvV9Ud3EjJcB7dIVw0qaug1cp4ATYn4pv3NdY4dLc9oFX_n3pNYXbok6qESCfI1fqG4C4cwLzp6BKTXvK6-YJ0WXaSict81Kc2Y_a8hIIEJdlUNCl1CCLmIMfqHQF_tdTUNaucP496EK_p4keXOzCDCaobuAIKz29tAUoKu7eT4VAR2A8KVFIy7dLGn8JCi0BQ5FRaIbjgOXBI2I1egCi9aTYYHTggx7nkOHnrORNc4_i-aaWxGxhOMA0ZCIcQS5CvlJg4v0r6O9tisVLfuMV30eq1uq70iHD-pTItQmyYr3d4Y3QJ3PBHjN6WEmNHcXMT8lfaqcJ2miGQjdP77lRYXTp6qezWGCwMCeH5ZmkFd2CK2b9SarFgf0MNxyo6OxTYtvkFQ_z0yxjE9KWzwtQ8PQG1fmFRTuiT_GMovFxuXFBkBdLTWDZdzYX-Lry4DQ0POb5-7ui9r3GKSsVt7OkCZT7BmZfS_bYDe54JxQIvuq-HEy3Eh0E3aGFINb3z3gmhe9hM-a2NpWl3LMRf6lDEY8a_RI5mw6Q-muDrL-LKBSbblUDXFjMUfLxsLlBO5sZEZfL1Xlr1qiCPwXIqEU2Yl61_t2k23uyubG9Fjg5MxW8ql7PYvsFMU_07V9oxuKUQVP4LmvUERHIgahFL5eeei54QOZpAd2nnNCn_-AYn3MbNkYp-q_o5HnpTc2_hsPh0Z8xJh8N7A4V1OxbqumXl5533oqr3YeqPKXxb14MH5jeAC26SFj4miHMuDFdyaYjhmQxQh64SaZhTGVp6LOqCXi1xuFAqBTEuf-MsyMkb-TRJo5Hsss3T0DZnf97jAFUfK0FtBsVYWfBbRizjGunUwHxj3TypNEzGdp2TjVosKsTjAL7wwhT925GX7pUcm-4Z1Qf4MbxKGtctKC_E7_0Ij0FIverMm7mF64TB6LQiJerzdSOML9XNtYttHgwpsWYL61AsvJYSAWK9KIqVKXnGoFLMEJaEVDZUIC1ztVPYA65WQVOLDEOMlpwmAkdOTWRCOtZwFpBxnYirgAvMQ1Yu6GAKaBuy6PFqhvGHg-9oPAaigYdYIgSwht7XO6WrF2u5W5FOPHYXTFd15X8swrnCGhNO5RyHzH4f1U898v875QuIO0xxQ5bC4483IB2pzOy-lvhyqQZzD4VuiwWJAq0rkwR4FcyXYc-0zRCfItWI2QZbTlm12QohyAEWm0P_Mo2Gw3Oa6RCS_RdGJQFHMYJFjCfmoWqw1J6SCPajaYs5tuQJCZUDqUqDZjQ4LFUEGl7-BWH_64adyRA675f_08bQLwgT4fF_ETeVda9WNg7hoRDjZZAGZ0emorM44RhsH6dxWEq4HLTAUCoCcgwixmk4iqfQqLfPuDD1EWjUjENnbL_jsgpoA8wBQFxPPDOuWc5zrXpfcrMALkCqrtfH6OyTgGtq3OWq3_yNxJxO9kU9u9PMVD2jJBAguw1naf6UwIDqP_T2PuL4tVecFeDRlXw0TeoB7UPmjDXH_dGVKyOkd-656yydn8izBNIankS8tXDfX03fYySjqv3Esy_OrqvYyOjKWGYQjQp70Gkjwj2qr0z7jIQkT4nTGgYX64iex_XuWfo4a7qxN7MAzuXODLPjuM4wNFoYbBwYORx1l7gkb2suOZVy41_EQOlXfMAXSa4Nq29IMrGRhjFHWjRzDVZHJbxQY8HkBujOT68r4uVhwsfnOrir1WhedwF5OyiZYHJa8RmwAr7S_Ph9ALwpiBQBrobPDSGFAP_CpFkkq4U8MXjuFCcsQ6BWJAAMMn3X7VyrDkocPkDO6fEgT7KpBkAtjhUv6KDLgjOczT1qiThCW0WCntBjHNC8NYM7NlrQcc7BpeCkaXp_NbOdsiRCLB0W4NyIJhvIP7F9ecrHsHEfQ83PhEGbGWi3uiHVXi-YyDVSCziDC3Fjn6UcOBPvWuTov_Zs7bOhLXKjAXytMtZQkmKDjOB9ududQ2dgNuMXbgvolfhdapQrJiUjKYM7hY5VVHuHQ248kLLLNb3ioeETmhL5Q2Px2kpkXwyVlguIGb29A-3EdsOAj1dmcJIT7zs4EiitYxtlx0RqRwRrEqcTU6rk-9jpHeI0cJvd1ZlHImLVxkMTZM17TW9GbChdK2VUzgTz-uBQn_36irQlsGR88PpOygaxCNbqzgo8MzIZCX4G4VQnUuPepj63FXLoTBFYwk3jsOt4sftux6XAAs95799hLcQqlFGCeMo40x0QU-GaFYdpohRvOPk_cZY5jgvYKcw&cid=CAQSGwBpAlJWJkcld7WxudEP_Kxc4qQFsJq-q185-RgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

cafe /

Resource Hash

6dbab2f43a743688a42aead2a2bb9254b9d7827fbe086721ac6057611ebb39fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16458
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A5E0 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zRjCXA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:49:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 82C3 0
20 B 117ms
117ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQQvtM47SZJLWJISd-cAP2vur6AgAAAAAOAHgBAI&bg=!3N-l34vNAAZGOVy5Zjk7ADkAdvg8Whlja8-A4Brd-mNcgwfHqb6VP8w434UisedyIl__3z63M2YcMxzvOlXrsUokI9IIQEYdUHgCAAAAiFIAAAAGaAEHmQL0MSumxyFuHwPmMrBDVRJZADXRrcRL2yX-Xgpd5KUWPqZION9uMpfHyYfO9c3y-CqnPT-zAOKgY66NMkMokC3d9duhhAeS9V4e94xGHRpXqTWiYWy_7vmR2VLEC0Q9hGRSlrosHVk1dp7B1pYEpu67BF8-6ycOvExWCUWM0uUJkPSuHSRJZnguz9xhS1sJ5vbEW6_WWIRUcmpYA17myzx8D5N5TYQC1px9IgkY4vvK44RlnlxbDPN52ml4IFSX82EEwg6L4RZ2CSA78lR9mhdTwlu_gndhiFPVL8sy1pk4OVdlh5iSRZreUFsy0hSJqcEPNbn7FcLLBOcOjZ5AhieoWfYnHLTWaJNcUK9E-5EXbmJp5sY7-wWkswAiwfJMxjosnl9owNiwAkPftwfKc8JjcolX3VgVvh5lRmnZWSswwPVx_boVCZWpL9Dj4-Lq1dsmvEZZTAFJAYpgc95HohhOHXf-X6r5yvic7bAZu3AFRtuUXdhLMON3fOZNiXWkrMJ-wYSVeC4-AfdVpo1JA5i74humKa1mxAc9PdIc3yOcNIpOCtQ83iUwjCpIHo_iRZwkPj46By5UNYGl93SBqSdnESdDQE3vX1LiQ5ULv7HnOSW7gtXgMXoH0nobGuBDmi6rEyl6Z70EjwbduHId1NRnvnU6nkxT0wt8RjG6EgkJTcHqlqk_RYTcCc7wbZYBvu8Jugo_pOuVML_So6alGNzmSpS1551GsFRxf8d9i6WmpzhZxJzHuAbubUK8NCRvezq_QVt7Wwlhx-mKQhvwHpToXedtVaacJ8qQ8j9MTLxTc8C4FJBUxn7A6fhHJ9Uv1BMGd4JK-0mifEWcW-Z5LNiP03EA8LzulthPwlEa0tWxDFb_ICAM1aw9jctnl7wG5jdSLFm3e2ld0MwvVbo6X_XjhZsBr4PcikIEovWM_tFbvHD5K5NhzIeaDoako-a6LWLkHdNUIvEJ5fd7HUlyim4BcaPr0rTr-0HNyiEIv_M3v_hmOKx0

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20230807/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 568E 0
45 B 18ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~ll2no5a7&c=3079768050246&slotId=1539884025123&qqid=CM-7y5LdzYADFYROHgId2v0KjQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 568E 41 KB
15 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Sat, 05 Aug 2023 06:25:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 303831
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 04 Aug 2024 06:25:34 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-5hnednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723056565/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 568E
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723056565/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r2---sn-5hnednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723056565/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

121ms
13ms

Fetch
video/mp4

2a00:1450:400e:1b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hnednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723056565/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21E92C1076EAC13AB4F050B27A5878596BE5D3A2.0D2494E4E0C77FAA480E8553763446D6DE0FB978/key/cms1/cms_redirect/yes/mh/xb/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5hnednss/ms/onc/mt/1691520074/mv/m/mvi/2/pl/58/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:400e:1b::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date: Tue, 08 Aug 2023 18:49:25 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2220696
Last-Modified: Fri, 07 Jul 2023 14:34:05 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 08 Aug 2023 18:49:25 GMT

Redirect headers

date: Tue, 08 Aug 2023 18:49:25 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 653
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-5hnednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723056565/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/21E92C1076EAC13AB4F050B27A5878596BE5D3A2.0D2494E4E0C77FAA480E8553763446D6DE0FB978/key/cms1/cms_redirect/yes/mh/xb/mip/2a00:c98:2050:a007:2::5/mm/42/mn/sn-5hnednss/ms/onc/mt/1691520074/mv/m/mvi/2/pl/58/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C78F 23 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 126418
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 07 Aug 2023 07:42:27 GMT
expires: Tue, 06 Aug 2024 07:42:27 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 0Hra_cK1xmatTaZ7_Fox9IQH0EoW0oMPpjwxxKW34xk.js Show response
pagead2.googlesyndication.com/bg/ Frame C78F 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/0Hra_cK1xmatTaZ7_Fox9IQH0EoW0oMPpjwxxKW34xk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d07adafdc2b5c666ad4da67bfc5a31f48407d04a16d2830fa63c31c4a5b7e319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 05:03:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49555
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14547
x-xss-protection: 0
last-modified: Wed, 02 Aug 2023 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 05:03:30 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C78F 0
20 B 117ms
116ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BOVnONY7SZL3JD-7JnsEP19eyqAEAAAAAOAHgBAI&bg=!OzilOGzNAAaeEKnZvhA7ADkAdvg8Wl3LVUjmCWsHuh88fscxvbj3u6FAD-aA6GjYRMIhhVI-XrKjPYj_IJ_DeaK10xmOPLacnpICAAAARVIAAAAGaAEHmQL8D4vKqPrRzG7XCvXL5fEOHQmb9ahnMcSS6LLU0bNUcC_DRDyIwBvvTp1tY9-wrTfMrtjVoTzeoaRxKheb-DuUz0vJXet6pBjJMUZPrKUFxYOH-8jeaocvgVfGlY4SnjSmC8rPc_geXvggAXRFem03FDiSFYGTOuWQQWp5E0Pu1JNoWJm1uHrAiArO8XxlR8z8wQ3No_O0XxpvuZ8uMLe_ZdslsgxZTL3cUOhcc5Aa1ZOoae8pBXN1hSv6bxfUhlk8Rj5-6InoY_5yEhSzbI6fB5qa5D_3QCbldaIdYI2ZWUUG7WqHeh_cSPdMDrXjvdDe5yyLE3A_eyUJo_RHOZ8pRxvkCE-Xu6ydkUpjIeCC4tXd2YJ-1YFvsv-ACGIct0qabmYhZ-KWifkJoIb9J5u2JTgO9XK0ODrpdLLWzZiQ8Cq3Qxwco4yABY5B5Lsoy455Kc8MSdvn_9ySSTVfYzogLWyhWJLm8kDYos1A0OOaeQL08mmzbEn_9yLixv2Rf-q5dDDCXoH1fd7QOMIIFJ9-zAFErk3x0be2i4KbCo9XhB-RFibkoNp-KCyujYhRSefsZthMqgg0DnBO7s5FlOHnp856oOsCQsfzEap5se8Xlsmk__mfk2ZmQf8JBOt7RVJRb2nb1bwOGb1pgVcT7bKnAAU8vOVuRaJEwgVgrYxzSiIKMWqDwiuiSDuvw7sr7eiplI80MOi9DKIP-Kx1yvgJimKCrz66Oj3j3okCQbhUWXxNSLrDMsumV1yMd2dOCeTuRN1qjvTGUSw-57rkrcp1eIbKGoOuRi96kEHw8Epyp41u00yBDqJkIDwEygzdIGWY5zWYHIu6694Y4u9XIODHWhEX2oMD2eOuSUAF_kQMhxSnF9RE6Ap-U3E0SZWED8Md33ypk6SS4D3mGw_MBbmbno7oJzSZxl0wCL65G9-MRPVKNhYhAWQ8O3Su0Pb9q16LFA_6Mrr7-BYfU7MZzjeMkayw8S9_YSlmKZMluQPO2Hxd2HcKRere5taIFmI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r2---sn-5hnednss.c.2mdn.net/videoplayback/id/f8fd2e94061f0d97/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1723056565/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 568E 2 MB
2 MB 32ms
14ms Media
video/mp4 2a00:1450:400e:1b::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:1b::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9b279f62d8ab632481b6d6fda4c49c8b9ee7fd77988c13e4b8baa7007d37b10c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range: bytes=0-

Response headers

expires: Tue, 08 Aug 2023 18:49:25 GMT
date: Tue, 08 Aug 2023 18:49:25 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2220695/2220696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 2220696
last-modified: Fri, 07 Jul 2023 14:34:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 116ms
116ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230807&jk=1468992657299805&bg=!rK-lr_vNAAaeEKnZvhA7ADkAdvg8WqChj7B7V-faSqN5zGL5OV1dWgIDx_b1wVeu2jEZJp_kLRoCM_C_a878kCd_mSlsWkQ4G3ICAAAAl1IAAAAKaAEHCgB8M5gs9P5ucKPJSb5hax_PzktCEYtnCXSrjKMcz4Utuu3B9P2JAgznwwoFVk2NDqS1nYoFnVPuuJFn0Ih9vo5hJheaVTpzlbGanCsBIsVd3trNt7xCdPMROYHunIFMFZFscg30RubaC970h7mTwRKA3LTJXPURU7X2JF6XnJkCrQFpL2VyBAbHw1c4YXjt_awZ7lx0B7-eQAC3lV8SnKmvYcFjKpJmPK6jLQAmOgaQIk2uUEkvTiMLVsq4DDjuCqGw_wxMG4bZhDlxwpZUXloreXhYJeK2qq6tQR6Mt0gMOr-z1_C_ay_kRIpGKz3YT21rCi3mxQ8Lp3TMwIh62gJEIE5SB0OUj0mMnzMt5YqdadoxXivhUjet1s140DRT5wiaLDzYhlcHnEVlxZ48D1ruys4pWRDlZq_wZtvmsEQI868tRdYLTApnJcqW4T-0bcJ0lVfL-se8vBM1SLYJVC3RwNiX7VIrfXj680FV2gx1TBnsnfK4hs-MzaS8soL_qaFsnfgbFsyEUx_OINYS14s7VqNxgY12yuZlbq5xKekFfkCLnUN2xNdnBZcokItz7Cuqj0JFymNXPq4-b0FS20fLTQjZgQnfRqRwaji-enn6sbNXG853XABbnkKYlzYCPxeKGP5ztFil5QyFT0zczXlB8eU7qxNAibATjAKs8kLMrRf1kcoJk5l_3ginjYQhoSbIy3SpAw52TC0x6QxgjQojfD23iAU1KrILFL7qHkT0j8oPTLGTqzHEU4PTRMfDKelIsOd22p5GmGfhFzwx8Kg9fUbQUbEdB2C5VHycO2TqnhQChwC2hw27AnEyhOcf_cEA2de3ufByOeT-CrjGH4ubTNnYnE3qf4ZoZZJz0KtMT6fPskHVUvmI47QRwaqArbLu9oxG5cqilo2A4O1PMpsnVpeAlqqXxXAydmj3OVRrrNu-ldlBBMXvB-z3xDImXxT7LcLhp1GLEz3e9Ej2pfWzvD4lujtyDGL6V4AsuanNLhtLdYrCoNtujX9mfkUyEuisN6LsViuWLyRHUh9N5Jcph9mYADcnJ72ikCINzzOPGqWX2VcnOBofyGzfILM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://brickshelf.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B13 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 18:24:54 GMT

GET
H3 200 g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js Show response
pagead2.googlesyndication.com/bg/ Frame 14D0 37 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/g3YyfgUK0ye4_zZ0TZo1Byqq3c9tr_Gw3_pcFoz461A.js

Requested by

Host: brickshelf.com
URL: https://brickshelf.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date: Tue, 08 Aug 2023 18:24:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14577
x-xss-protection: 0
last-modified: Mon, 24 Jul 2023 13:39:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 07 Aug 2024 18:24:54 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 568E 0
17 B 18ms
17ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~ll2no5dc&c=3079768050246&slotId=1539884025123&qqid=CM-7y5LdzYADFYROHgId2v0KjQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=988&mt=video%2Fmp4&vs=640x360&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.1ch~vil.1jk~vfl.1lv&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230710_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:26 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C13A 42 B
64 B 118ms
118ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3QCs0xpy-DRU6yL-44BI8cBvwRiqvGEpCeh0EQu0pu0jqADIG635BW5qSKLsQKq_BLUEdcq9z-LmxOInOH9avy10OIeop4sPx8rd1QuSfFYh_ZABUjwugpZYsCTGxd7s&sai=AMfl-YTPYA1pZy_bRJdInWWmVg2v3PfcpJ43IkRraW-kbuiyfUyaloSudyXdwMuGL5pKGxsVnQFvidVtpOj5&sig=Cg0ArKJSzFZ7Bs1HLmDaEAE&cid=CAQSGwBpAlJWJkcld7WxudEP_Kxc4qQFsJq-q185-RgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=981,1000,1000,1000,1000&tos=981,19,0,0,0&v=20230807&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1691520564978&rpt=919&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 08 Aug 2023 18:49:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.brickshelf.com/	1970-01-20 23:28:00	Name: token Value: logout
.brickshelf.com/	1970-01-20 23:13:36	Name: __gads Value: ID=2a3c42dc54a02bf6-2286dffe94e30050:T=1691520563:RT=1691520563:S=ALNI_Mb3_1RNfNTkDjBWQIWKJQIfy9EqPw
.brickshelf.com/	1970-01-20 23:13:36	Name: __gpi Value: UID=00000d8989ae29d2:T=1691520563:RT=1691520563:S=ALNI_MZMJsdUd45EuOtXa99LEqalK-stpQ
.doubleclick.net/	1970-01-20 23:13:36	Name: IDE Value: AHWqTUmo3DJQUuToN5S11TdJa3p9Y87U_nv7R-8KEjLTmxWFQ_xeONbcjlCF_U7o
.casalemedia.com/	1970-01-20 22:37:36	Name: CMID Value: ZNKONS2zkLro.m8AsAi7qAAA
.casalemedia.com/	1970-01-20 16:01:36	Name: CMPS Value: 3207
.casalemedia.com/	1970-01-20 16:01:36	Name: CMPRO Value: 3207
.adnxs.com/	1970-01-20 16:01:36	Name: uuid2 Value: 3462120794038097036
.adnxs.com/	1970-01-20 16:01:36	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilgf0@sr!]tbPl1M>e)ZlrFUfJ+tGXxo3VYdPT:XHc4Dv<T^DdEG`>n]6aaaUhZZoAW_3If)y3KL9D3I?+LFgqA%
.doubleclick.net/	1970-01-20 18:11:12	Name: APC Value: AfxxVi5uEusunTCsNnmX7nfdMPEujk-JI2SrzridDCCYDGYaDitkzw

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bid.g.doubleclick.net
brickshelf.com
cm.g.doubleclick.net
csi.gstatic.com
dsum-sec.casalemedia.com
fonts.googleapis.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imasdk.googleapis.com
pagead2.googlesyndication.com
partner.googleadservices.com
r2---sn-5hnednss.c.2mdn.net
s0.2mdn.net
tpc.googlesyndication.com
www.brickshelf.com
www.facebook.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.185.194
172.217.16.194
185.80.39.216
2001:4838:0:1b::204
2001:4860:4802:32::3
2a00:1450:4001:806::2002
2a00:1450:4001:809::2006
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2002
2a00:1450:4001:810::2003
2a00:1450:4001:81c::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::200a
2a00:1450:4001:831::2002
2a00:1450:400e:1b::7
2a03:2880:f176:181:face:b00c:0:25de
37.252.171.85
74.125.133.157
079453eb054763cefea245654f25a28afc9f340568a06457439426a973cff9fe
07acef684b6b3e25852c216204375f8def11e9a93ef3bba3402fb8f621377929
08b0f1d846e718fa3b2fff0c20af225043318cafa49592a1575f725a1b8b20b2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18e7a53e3b3abd7ac0242719f7f62cb56b8efe7065091585b8ad22cbc2b8c41c
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
289eaaf84993733e50b752db0ff63b63cf9639c5b36df0b08bbe73054a5ebdba
29c99771c81466150d55d307a9b0e12cfdab8240a9c65a80b764c1d58965406f
2b0a10b03256abb6748200f4377a886afd7b3939c6cbadd694010728be400b65
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2e64c0abdf0ef194a336a826b2714a5f1aee05a84e549e5eef06c2855231c652
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31bd62a78d2193b716cae594121cfd26c97460ee277e0ccfb0ed890614c811e7
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b82a7615b78d0ee6772f03ed497eaa4f0cb02cf24a0a133488af4fd784912e5
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55aeaef55cbcba42f2e080df104d197b553851b348da61ea2a03b982e77d5eb6
5b5727c13749386cf05296d1b4108cd1884a744abc78304db6122beb5ad16fb1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6269bf2da19aa47caf068f998e30c3d102a460c1c0fb68cf05f35ecbf73c5c10
65d8a4efd998a20e2622dd7d263b49891e9ac7f9e7c7049faf157138a26a3b6f
694232a260aae79863960cde335169eda08872773c6f3fc63a4c16edfcf9a477
6dbab2f43a743688a42aead2a2bb9254b9d7827fbe086721ac6057611ebb39fb
770d11e661ef87f130fb81db0c45587c84b6a9e4951fcde4372950bcf39dcbe0
8376327e050ad327b8ff36744d9a35072aaaddcf6daff1b0dffa5c168cf8eb50
9278ee0a91cf49cab1fcafd47c3b9875e683dbe7a26e3ffa83c9e671b75ca28e
98d2e3edd14aa506c4521125c7cdb7bb3030d7caae5803feec6d2613195ee955
9b279f62d8ab632481b6d6fda4c49c8b9ee7fd77988c13e4b8baa7007d37b10c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a30983f29e3d41483cfb0127610f9b46e689f23309f0b34fc6453c41304225aa
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c94a219e342f7d1e8918fe6a9964f7d804cbe570878cd2613a929cddb3cbcc86
d07adafdc2b5c666ad4da67bfc5a31f48407d04a16d2830fa63c31c4a5b7e319
df1f8f3481046378631e82cead0677806354c576a364c31e3f64f776d6f5b388
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53cbdc5b72a38b203ea1f6d709cb437bfb82d50f14f2ae86e50b73b74146f6b
e786c45b89aea595d201965d38449e833db046aca0ed3c147fa5c94e08f8a79e
e98c0d22ad85bf205d6781eb3b61d805dba90e8a03d6ad62362e047030825334
eb4c27d87e579484a80e7068ade3e23c9fb5ac91a219efd3140097f522efd2ba
eee0766eb46bef89556b2773fdce2c71988c9273f80d5de1220ccab62ff59e7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f075556268f775b48443b1808a158384ff049478273aa294284eaf9f1d121ef5
f2afc9ac73c644d48e790a39acf19a2f4482c2a6c28d784824b9a164f74cffbf

brickshelf.com Open in urlscan Pro 2001:4838:0:1b::204 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

82 Requests

94 %HTTPS

75 %IPv6

12 Domains

21 Subdomains

20 IPs

4 Countries

3180 kBTransfer

5109 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

brickshelf.com Open in urlscan Pro
2001:4838:0:1b::204 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

94 %
HTTPS

75 %
IPv6

12
Domains

21
Subdomains

20
IPs

4
Countries

3180 kB
Transfer

5109 kB
Size

10
Cookies

82 HTTP transactions
1 data transactions