URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%...
Submission Tags: falconsandbox
Submission: On October 05 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 3 countries across 10 domains to perform 81 HTTP transactions. The main IP is 58.121.85.143, located in Seocho-gu, Korea, Republic Of and belongs to SKB-AS SK Broadband Co Ltd, KR. The main domain is encryptdrive.booogle.net.
This is the only time encryptdrive.booogle.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
14 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
14 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
13 pagead2.googlesyndication.com encryptdrive.booogle.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
6 fonts.gstatic.com fonts.googleapis.com
6 encryptdrive.booogle.net encryptdrive.booogle.net
5 www.gstatic.com googleads.g.doubleclick.net
4 www.google.com 3 redirects tpc.googlesyndication.com
4 apis.google.com encryptdrive.booogle.net
apis.google.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 fonts.googleapis.com googleads.g.doubleclick.net
3 iblogbox.github.io encryptdrive.booogle.net
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
1 ssl.gstatic.com accounts.google.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com encryptdrive.booogle.net
81 17

This site contains links to these domains. Also see Links.

Domain
drive.google.com
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.googleadservices.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.google.de
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.apis.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
accounts.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh
www.google.com
GTS CA 1C3
2021-09-13 -
2021-11-20
2 months crt.sh

This page contains 15 frames:

Primary Page: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Frame ID: 60859414DAC0926D8A89890AFA6B8158
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210929/r20190131/zrt_lookup.html
Frame ID: FE5B55D57D2CC8AFF943DDCF0B939D03
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Frame ID: 7CE20EC7F229DF0D24117F466E8E4193
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Frame ID: E1784A87B5CC183E5D05ABA791C4B4C0
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Frame ID: 4702ED5C074CE17B39C45E09ACABF381
Requests: 14 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 16259A5FE9DE616E6E28B4E24142F6CD
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8F743378F268D5176630EB33E3574AE9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AECB3C1947F147A663EBA19DE48157A7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6967C3B103C8487FB9E4613043F8FD28
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&adk=1812271804&adf=3025194257&lmt=1633419544&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&ea=0&flash=0&pra=7&wgl=1&dt=1633419544490&bpp=1&bdt=2753&idt=1&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D233937c46116847b-22e9ea05e6ca00c2%3AT%3D1633419542%3ART%3D1633419542%3AS%3DALNI_Mbk1hKi0ptf3oE4dq8JLf2Jz1cYig&prev_fmts=728x90%2C798x280&prev_slotnames=2527852709&nras=1&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&psts=AGkb-H8wvpOvr-JK0SWkhx-7dITxgE_0wc3-pcagYNryRtrDYzfZv_ZR4SDPt1TyLbVbmOiZVZsAw51J0Fw%2CAGkb-H-ODz4Y3JsCD6ZEenkTKqdcEO5ht-p1tt0Zm00f83yhx_OJeO8ToKUBb2yoGyLx4Q51c7mRKSo0sw%2CAGkb-H9H-jj-lm0beiY_HS_tjy__wknnl7uEeNqHba4VAvrSMXr-UZbvTWFceINRClKlZaJ4E3fDpAnIm8w&pvsid=1768437898478729&pem=922&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=6
Frame ID: 147D9936656D7D87773A90F24E72BA15
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: 1BD205BC5D5FD1377CC87C92021CDBCF
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: 13F2B96DB415593DDEAF926272B107C5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Frame ID: 6F9A4DBEA13CEE252A1D6E37CFA1BF5B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8D5687A207EEF291C6FA641C019C53BC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 525F2931BB751599B741E2106DE70824
Requests: 2 HTTP requests in this frame

Screenshot

Page Title

Encrypt, Decrypt files with Drive

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

81
Requests

86 %
HTTPS

88 %
IPv6

10
Domains

17
Subdomains

18
IPs

3
Countries

1033 kB
Transfer

2545 kB
Size

6
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 48
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 58
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

81 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
encryptdrive.booogle.net/
56 KB
56 KB
Document
General
Full URL
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
58.121.85.143 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache/1.3.37 (Unix) PHP/4.4.1 / PHP/4.4.1
Resource Hash
95a372572e6002b6b7f153eed6f0ce089f9214243fda6e7e664b71e4ebb85e2d

Request headers

Host
encryptdrive.booogle.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 05 Oct 2021 10:35:15 GMT
Server
Apache/1.3.37 (Unix) PHP/4.4.1
X-Powered-By
PHP/4.4.1
Connection
close
Transfer-Encoding
chunked
Content-Type
text/html
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.8.3/
91 KB
34 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 30 Sep 2021 12:19:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415170
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33593
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Fri, 30 Sep 2022 12:19:31 GMT
all.js
iblogbox.github.io/js/encryptdrive/
36 KB
12 KB
Script
General
Full URL
http://iblogbox.github.io/js/encryptdrive/all.js
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
2d019cdd30653e5526b9a6e6a627c5909c54a4ac3ce1cf83480fc35a1d679080

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Fastly-Request-ID
3ea97d21cde634e58e721cb65459afac3650fc93
Date
Tue, 05 Oct 2021 07:39:01 GMT
Content-Encoding
gzip
Age
0
X-Cache
MISS
Connection
keep-alive
Content-Length
11164
X-Served-By
cache-fra19123-FRA
Access-Control-Allow-Origin
*
Last-Modified
Sun, 04 Apr 2021 08:12:43 GMT
Server
GitHub.com
X-GitHub-Request-Id
0AA8:F6D1:20541B:21EEF4:615C00AF
X-Timer
S1633419542.805741,VS0,VE84
ETag
W/"606974fb-90cf"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Via
1.1 varnish
expires
Tue, 05 Oct 2021 07:47:19 GMT
Cache-Control
max-age=600
permissions-policy
interest-cohort=()
Accept-Ranges
bytes
x-origin-cache
HIT
x-proxy-cache
MISS
X-Cache-Hits
0
jquery.alerts.css
encryptdrive.booogle.net/js/dialogs/
1 KB
1 KB
Stylesheet
General
Full URL
http://encryptdrive.booogle.net/js/dialogs/jquery.alerts.css
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
58.121.85.143 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache/1.3.37 (Unix) PHP/4.4.1 /
Resource Hash
b2a6d0388fbf0b38731d1fc82ba4df8ad7c22ec58251548a3b4818a5912eb6e2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
encryptdrive.booogle.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 10:35:16 GMT
X-Pad
avoid browser bug
Last-Modified
Fri, 30 Jan 2015 13:39:12 GMT
Server
Apache/1.3.37 (Unix) PHP/4.4.1
ETag
"37a5f3-422-54cb8980"
Content-Type
text/css
Connection
close
Accept-Ranges
bytes
Content-Length
1058
jquery.alerts.js
encryptdrive.booogle.net/js/dialogs/
8 KB
8 KB
Script
General
Full URL
http://encryptdrive.booogle.net/js/dialogs/jquery.alerts.js
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
58.121.85.143 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache/1.3.37 (Unix) PHP/4.4.1 /
Resource Hash
de8902a9ac9f84bd5b31ff552735635830141b8765352e56f3edfa07869334b9

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
encryptdrive.booogle.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
*/*
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 10:35:16 GMT
Last-Modified
Fri, 11 May 2018 15:43:07 GMT
Server
Apache/1.3.37 (Unix) PHP/4.4.1
ETag
"37a5f4-2079-5af5ba0b"
Content-Type
application/x-javascript
Connection
close
Accept-Ranges
bytes
Content-Length
8313
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6afd58496691b9b34dd37e23aadfdfd3f89888a590fdac3b6ef57e654934354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51130
x-xss-protection
0
server
cafe
etag
9029773691706613624
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 07:39:02 GMT
logo65.png
encryptdrive.booogle.net/img/
3 KB
3 KB
Image
General
Full URL
http://encryptdrive.booogle.net/img/logo65.png
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
58.121.85.143 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache/1.3.37 (Unix) PHP/4.4.1 /
Resource Hash
d6f90d4803b5cc24c1644396dd16652e0218d0fc12c98114385a7e54ce84cc80

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
encryptdrive.booogle.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 10:35:16 GMT
X-Pad
avoid browser bug
Last-Modified
Fri, 30 Jan 2015 15:11:17 GMT
Server
Apache/1.3.37 (Unix) PHP/4.4.1
ETag
"37a5f5-c25-54cb9f15"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
3109
show_ads.js
pagead2.googlesyndication.com/pagead/
113 KB
40 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53d694aef795b6f24344adfb29636ee0d12c4b668223c31d5e93f3910f11e9f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 05 Oct 2021 07:39:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
13812679520956374999
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
40740
X-XSS-Protection
0
Expires
Tue, 05 Oct 2021 07:39:02 GMT
product16.png
iblogbox.github.io/js/gdrive/
2 KB
2 KB
Image
General
Full URL
http://iblogbox.github.io/js/gdrive/product16.png
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
0aed40d94486ed73e081efab4b6b3eff34c10324d50aabfd80ffa56cb9e5c3de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Fastly-Request-ID
2f3e8cba46137d5b7b362514dbaed088e22ee021
Date
Tue, 05 Oct 2021 07:39:02 GMT
Via
1.1 varnish
Age
471
X-Cache
HIT
Connection
keep-alive
Content-Length
1551
X-Served-By
cache-fra19123-FRA
Last-Modified
Sun, 04 Apr 2021 08:12:43 GMT
Server
GitHub.com
X-GitHub-Request-Id
A770:A85E:49515B:5349FB:615A8AC7
X-Timer
S1633419543.590004,VS0,VE0
ETag
"606974fb-60f"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
expires
Mon, 04 Oct 2021 04:57:36 GMT
Cache-Control
max-age=600
permissions-policy
interest-cohort=()
Accept-Ranges
bytes
x-origin-cache
HIT
x-proxy-cache
HIT
X-Cache-Hits
2
commit.png
encryptdrive.booogle.net/images/
653 B
937 B
Image
General
Full URL
http://encryptdrive.booogle.net/images/commit.png
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
58.121.85.143 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache/1.3.37 (Unix) PHP/4.4.1 /
Resource Hash
c34b7397b94cb8078d8ca61e9140a32eb6b444df410a614e06d4849d8bd3a17b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
encryptdrive.booogle.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 10:35:16 GMT
X-Pad
avoid browser bug
Last-Modified
Fri, 30 Jan 2015 04:21:51 GMT
Server
Apache/1.3.37 (Unix) PHP/4.4.1
ETag
"37a569-28d-54cb06df"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
653
close.png
encryptdrive.booogle.net/images/
691 B
975 B
Image
General
Full URL
http://encryptdrive.booogle.net/images/close.png
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
58.121.85.143 Seocho-gu, Korea, Republic Of, ASN9318 (SKB-AS SK Broadband Co Ltd, KR),
Reverse DNS
Software
Apache/1.3.37 (Unix) PHP/4.4.1 /
Resource Hash
72397b50b0d93c1df9ba08e23ff88caf48a1664d7ec88876ea083e4d96ca4ed8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
encryptdrive.booogle.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Connection
keep-alive
Cache-Control
no-cache
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 05 Oct 2021 10:35:16 GMT
X-Pad
avoid browser bug
Last-Modified
Fri, 30 Jan 2015 04:21:51 GMT
Server
Apache/1.3.37 (Unix) PHP/4.4.1
ETag
"37a567-2b3-54cb06df"
Content-Type
image/png
Connection
close
Accept-Ranges
bytes
Content-Length
691
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/
144 KB
51 KB
Script
General
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6afd58496691b9b34dd37e23aadfdfd3f89888a590fdac3b6ef57e654934354
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Tue, 05 Oct 2021 07:39:02 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
9029773691706613624
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
51130
X-XSS-Protection
0
Expires
Tue, 05 Oct 2021 07:39:02 GMT
product20.png
iblogbox.github.io/js/gdrive/
2 KB
2 KB
Image
General
Full URL
http://iblogbox.github.io/js/gdrive/product20.png
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
HTTP/1.1
Server
2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
GitHub.com /
Resource Hash
2a5bafe273098299e3f0185d6d4dddac56c7435d859fe7a745e098b6c9a214f7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

X-Fastly-Request-ID
3a5ed78f7b9950a012e7744cebc3226608f6ff5b
Date
Tue, 05 Oct 2021 07:39:02 GMT
Via
1.1 varnish
Age
470
X-Cache
HIT
Connection
keep-alive
Content-Length
1736
X-Served-By
cache-fra19173-FRA
Last-Modified
Sun, 04 Apr 2021 08:12:43 GMT
Server
GitHub.com
X-GitHub-Request-Id
3C04:B12C:46C9A:A8E0A:61528A3E
X-Timer
S1633419543.597690,VS0,VE0
ETag
"606974fb-6c8"
Vary
Accept-Encoding
Content-Type
image/png
Access-Control-Allow-Origin
*
expires
Tue, 28 Sep 2021 03:22:47 GMT
Cache-Control
max-age=600
permissions-policy
interest-cohort=()
Accept-Ranges
bytes
x-origin-cache
HIT
x-proxy-cache
HIT
X-Cache-Hits
2
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/
257 KB
95 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c067f7ae932ca1f7630bd1a14cc1b196e500ea884ff11b89b0cb8116202ec6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97185
x-xss-protection
0
server
cafe
etag
18119814467345886440
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Oct 2021 07:39:02 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210929/r20190131/ Frame FE5B
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210929/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210929/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://encryptdrive.booogle.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 04 Oct 2021 18:14:57 GMT
expires
Mon, 18 Oct 2021 18:14:57 GMT
content-type
text/html; charset=UTF-8
etag
297313706323796346
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4617
x-xss-protection
0
cache-control
public, max-age=1209600
age
48245
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/
201 B
656 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=encryptdrive.booogle.net&callback=_gfp_s_&client=ca-pub-1113541014872557
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
6efb2ea966adf0c6aec38bcda3513dd02e693231b8e1552c2d9ff5912f31598c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
191
x-xss-protection
0
integrator.js
adservice.google.de/adsid/
107 B
853 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=encryptdrive.booogle.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 07:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
570 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=encryptdrive.booogle.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 07:39:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7CE2
89 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dbe9c0d9f7687313505d9f47155df748c365de4e7a1e657465c80ad693a04cf1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://encryptdrive.booogle.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 05 Oct 2021 07:39:03 GMT
server
cafe
content-length
27618
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 05-Oct-2021 07:54:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 05 Oct 2021 07:39:03 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame E178
89 KB
27 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f166221ef0fb5ae1c8df7bce7f6597e64f56b18fc682099402c98a982fd19cc7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://encryptdrive.booogle.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 05 Oct 2021 07:39:03 GMT
server
cafe
content-length
27596
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 05-Oct-2021 07:54:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 05 Oct 2021 07:39:03 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame 4702
90 KB
29 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04881768d6768840dbf799381709eface23079f19f35ca78bc255ba1279ca774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://encryptdrive.booogle.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 05 Oct 2021 07:39:03 GMT
server
cafe
content-length
29222
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 05-Oct-2021 07:54:02 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 05 Oct 2021 07:39:03 GMT
cache-control
private
client.js
apis.google.com/js/
13 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/client.js?onload=gd_clientload
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2279c0103b198278dae367bcd5e070f957e445fa3e6099a64a4c00e103e31f66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YT4F+VL607Xilvc+7ljCBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"d15ed594923947344f4260fd8319bda9"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-YT4F+VL607Xilvc+7ljCBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Tue, 05 Oct 2021 07:39:03 GMT
api.js
apis.google.com/js/
13 KB
5 KB
Script
General
Full URL
https://apis.google.com/js/api.js?onload=gd_loadpicker
Requested by
Host: encryptdrive.booogle.net
URL: http://encryptdrive.booogle.net/?state=%7B%22ids%22%3A%5B%221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%22%5D%2C%22action%22%3A%22open%22%2C%22userId%22%3A%22109314440340937352391%22%7D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ea498c810a89d16f9c229e093fb2969e4bccb695e68b6810c0095250da07e191
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-deqUZ0VvqmgmjrVQYPzhxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"483b84d960e917135e4576bec632c2c8"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-deqUZ0VvqmgmjrVQYPzhxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Tue, 05 Oct 2021 07:39:03 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/
311 KB
106 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/client.js?onload=gd_clientload
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c70f4d8f51a2419bd5481f7dc4651538c1e1f1f0e7bd9b44622726f0e92100d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 22:38:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
205238
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
107879
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sun, 02 Oct 2022 22:38:25 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=picker/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/
71 KB
22 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=picker/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api.js?onload=gd_loadpicker
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a780301b8cd7a15d35aef424e71af69bcfbc0936a835cc6798d40fb49c48760
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 02 Oct 2021 13:29:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
238175
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22687
x-xss-protection
0
last-modified
Fri, 10 Sep 2021 23:24:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="social-frontend-mpm-access"
expires
Sun, 02 Oct 2022 13:29:28 GMT
iframe
accounts.google.com/o/oauth2/ Frame 1625
513 B
925 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.yUoUa-d8e1E.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCMxrycmnC1khz2ORddaX90UOzgNPA/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0b050dd1e5398eafcaf125b9db79f00e843b56134ffe7d2a518a06ee67d7d3a8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ULMYyjZKGowK8j3ajE9wzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://encryptdrive.booogle.net/
accept-encoding
gzip, deflate, br
cookie
NID=511=QZLNWsWutCliAZoVWjvoqQH7P_eZudgNn05xzcN2br6em7MhArV5xVNB5MdyWHK1JX9TmbM2dr68pvpWYXezrVdvXTi8wZVgTOVKljMgXuAIfNJGYKwcn97txVz_M1FnpPXInrK-sX-yu01KgDUscMEXUQ6MjE0ZnHiFd6of1Zc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Tue, 05 Oct 2021 07:39:03 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-ULMYyjZKGowK8j3ajE9wzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
3223131903-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame 1625
115 KB
40 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/3223131903-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b1d5535dd412dbe60f89f44555dd6dc752ac90ab350d4ae9e063134e14a3e47e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 19:52:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42407
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40198
x-xss-protection
0
last-modified
Fri, 01 Oct 2021 16:12:40 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"federated-signon-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/federated-signon-mpm-access"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="federated-signon-mpm-access"
expires
Tue, 04 Oct 2022 19:52:16 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 1625
14 B
172 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=http%3A%2F%2Fencryptdrive.booogle.net&client_id=192033613978-dmr5vne9p00il9e0qss95rqsqqs5q2ji.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/3223131903-idpiframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Tue, 05 Oct 2021 08:39:03 GMT
f14dc7a62bcf992c762f7db4d8023af3.js
www.gstatic.com/mysidia/ Frame 4702
7 KB
4 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/f14dc7a62bcf992c762f7db4d8023af3.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:08:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
477010
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3144
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 19:08:53 GMT
51960db45470192acc393a412d64dac5.js
www.gstatic.com/mysidia/ Frame 4702
8 KB
3 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/51960db45470192acc393a412d64dac5.js?tag=text/vanilla_highlight_holdback
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 01 Oct 2021 21:06:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
297165
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3401
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Thu, 30 Dec 2021 21:06:18 GMT
css
fonts.googleapis.com/ Frame 4702
3 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:22:30 GMT
server
ESF
date
Tue, 05 Oct 2021 07:39:03 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 07:39:03 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 4702
1 KB
959 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:33:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 07:33:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/ Frame 4702
18 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91610ce90ce628a63d157ffdda1e43a4003b6bf4a5a3d5a523abecf89689b0dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7615
x-xss-protection
0
server
cafe
etag
14446477969519093543
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 06:45:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 4702
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 06:57:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4702
122 KB
38 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 07:39:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 4702
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:35:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6203
x-xss-protection
0
server
cafe
etag
14739191248580884080
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 07:35:30 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame 4702
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 19:15:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4702
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CseccFgFcYcOFLsKP7_UPkMCx8AHr1oO2ZJWhr5aoDcCNtwEQASD3pbwNYJXikIKgB6ABra6QnwPIAQGoAwHIA8MEqgThAU_QEYdxXkZolTdTJCwTlK7oDjza3WRaadZr_Vd1Izz44C5nCdAamjvBzY2Iog2Jfc0I_pg5S92-c_5JKBqJy0V7BILEAfvBGEa3QI7tCvyWDTlMGn1bpueKRVRz-h4k4lYMBEv0uxqpuKTfWOlWn70xFAvr3395oCGRpQOOybkQo-Kkq8-Qm6OHCrj54hllmdb1n_xEVYoIuk3rWAK-wKZCeG_OVM5ac3_pKW-KRzjCxxrZYM6vmDsmdpv6E0swzcDCS2MPB1L-YX_jfJSH6Y4fZMm4ALRpnPCgLr2pLFDPJMAEpN7CmcwDkgUECAQYAZIFBAgFGASgBlGAB7vR72CoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB9XJG6gHpr4b2AcB8gcFEOymmgrSCAkIgOGAcBABGF-ACgHICwHYEwyIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItMTExMzU0MTAxNDg3MjU1NxgA&sigh=E3VKbwKVj0Y
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 07:39:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 05 Oct 2021 07:39:03 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8F74
143 B
226 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 05 Oct 2021 07:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2328
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8F74
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
144 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlztl36M7zXb2GuZVkSjV7lX490JUJHBe5z-wVMG1Gx3AR2A9cDDEQPpt58Y5A
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 05 Oct 2021 07:39:03 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 05-Oct-2021 08:39:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 05 Oct 2021 07:39:03 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 05 Oct 2021 07:39:03 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame E178
3 KB
653 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:23:12 GMT
server
ESF
date
Tue, 05 Oct 2021 07:39:03 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 07:39:03 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame E178
1 KB
913 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:33:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 07:33:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/ Frame E178
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91610ce90ce628a63d157ffdda1e43a4003b6bf4a5a3d5a523abecf89689b0dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7615
x-xss-protection
0
server
cafe
etag
14446477969519093543
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 06:45:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame E178
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 06:57:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E178
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 07:39:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame E178
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:35:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6203
x-xss-protection
0
server
cafe
etag
14739191248580884080
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 07:35:30 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame E178
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 19:15:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E178
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNiM9FgFcYeXRLZ-d9u8PibeQyAPr1oO2ZN2ir5aoDcCNtwEQASD3pbwNYJXikIKgB6ABra6QnwPIAQGoAwHIA8MEqgTgAU_Qceamfb9n4aOK3f5e29SL5Z4160KNpi6dLoiVUwQoxbzjIgbzj9V-CItqtp7aYLuwkSmXYZ-A7OOTxIFLeUCWXV3LxUvil_H8tRv-nmvrPqSO57ahoSTX3BL7SQJqVO_hiveUm2yqYeVIwB-Ji_ZKBbQrtk04ij2yP1LhpDmXVxQpYUhvWI7JWJmtd47jVZGEL1Xrv5bU11TEwolvyq9kDlnp15A4EL-N8JXfS26PMg34TRFjXCgN77Ie3lZK8w6-6A2Y8-16lB9GYW5wOnvS3b2sy_6ErrPU3yKvl0CLwASk3sKZzAOSBQQIBBgBkgUECAUYBKAGUYAHu9HvYKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwUQ3_KiDtIICQiA4YBwEAEYX4AKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTEzNTQxMDE0ODcyNTU3GAA&sigh=vOgJd-gYjUU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 07:39:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame AECB
143 B
198 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlztl36M7zXb2GuZVkSjV7lX490JUJHBe5z-wVMG1Gx3AR2A9cDDEQPpt58Y5A; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 05 Oct 2021 07:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2328
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame AECB
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
144 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlztl36M7zXb2GuZVkSjV7lX490JUJHBe5z-wVMG1Gx3AR2A9cDDEQPpt58Y5A; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 05 Oct 2021 07:39:03 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 05-Oct-2021 08:39:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 05 Oct 2021 07:39:03 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 05 Oct 2021 07:39:03 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
css
fonts.googleapis.com/ Frame 7CE2
3 KB
653 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 07:25:15 GMT
server
ESF
date
Tue, 05 Oct 2021 07:39:03 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Tue, 05 Oct 2021 07:39:03 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 7CE2
1 KB
913 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:33:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
355
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
852
x-xss-protection
0
server
cafe
etag
14170629819630813772
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 07:33:08 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/ Frame 7CE2
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
91610ce90ce628a63d157ffdda1e43a4003b6bf4a5a3d5a523abecf89689b0dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:45:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3223
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7615
x-xss-protection
0
server
cafe
etag
14446477969519093543
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 06:45:20 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 7CE2
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 06:57:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1358
x-xss-protection
0
server
cafe
etag
15351394696698642166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 06:57:46 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7CE2
122 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37846
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1632957210746890"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Oct 2021 07:39:04 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/ Frame 7CE2
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210929/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:35:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
213
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6203
x-xss-protection
0
server
cafe
etag
14739191248580884080
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 07:35:30 GMT
8400539943eb1c96fa551c508d61e34e.js
www.gstatic.com/mysidia/ Frame 7CE2
26 KB
11 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/8400539943eb1c96fa551c508d61e34e.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 29 Sep 2021 19:15:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
476617
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11136
x-xss-protection
0
last-modified
Wed, 29 Sep 2021 18:59:01 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="mysidia"
expires
Tue, 28 Dec 2021 19:15:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7CE2
0
0
Fetch
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CrnWMFgFcYcaXLfuT7_UPjqaj6A_r1oO2ZJWhr5aoDcCNtwEQASD3pbwNYJXikIKgB6ABra6QnwPIAQGoAwHIA8MEqgTdAU_QXRwS12cU6HxNS92of1VOKS7JjADJBZR1QKaJcTJORtwSjV-XGhdZRTjz8oHOQKsNqEyv-irr_R3RKjJwCAHTJkwiNBZdjzCHi-LOjBTVpgIf5mtw8a7q8hueujLEquRpyD1EAoS7z4TQmE7cRitHAzRaKtJzPwxRTGtMT2arqEvqeiLRTLbrrJtfinjFFhue3-VxA0N-Xsk54PIuA4TOwH3OWHaMp5hXHfTAYCRGiQgU8MkPH5gnt-OlYjXYZepLOvk_eAPxlmi6y4e24mApsZKSRPf9FMAvwC-ewASk3sKZzAOSBQQIBBgBkgUECAUYBKAGUYAHu9HvYKgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgH1ckbqAemvhvYBwHyBwUQ3KugHdIICQiA4YBwEAEYX4AKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xMTEzNTQxMDE0ODcyNTU3GAA&sigh=k8pBFbKRQpw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 05 Oct 2021 07:39:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 6967
143 B
198 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlztl36M7zXb2GuZVkSjV7lX490JUJHBe5z-wVMG1Gx3AR2A9cDDEQPpt58Y5A; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Tue, 05 Oct 2021 07:00:15 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2328
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 6967
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
144 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si?st=NO_DATA
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlztl36M7zXb2GuZVkSjV7lX490JUJHBe5z-wVMG1Gx3AR2A9cDDEQPpt58Y5A; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 05 Oct 2021 07:39:03 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Tue, 05-Oct-2021 08:39:03 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 05 Oct 2021 07:39:03 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 05 Oct 2021 07:39:03 GMT
server
safe
content-length
257
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4702
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6bf74b21c9e42e970285aa7534767c7c906d840b707de482300dd5feeb1b5fd1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 4702
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:44:05 GMT
x-content-type-options
nosniff
age
600899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 08:44:05 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 4702
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:08:17 GMT
x-content-type-options
nosniff
age
12647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:08:17 GMT
truncated
/ Frame E178
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1c9bf9cfbabdfc194f5403453f72b3420285b2aa60a2946935904532c07b28ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 7CE2
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf778598c4915dd4344ad2aed5cb10110253162e9d6f149be80a49a8cacbb39f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 7CE2
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:44:05 GMT
x-content-type-options
nosniff
age
600899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 08:44:05 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 7CE2
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:08:17 GMT
x-content-type-options
nosniff
age
12647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:08:17 GMT
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E178
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 28 Sep 2021 08:44:05 GMT
x-content-type-options
nosniff
age
600899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 28 Sep 2022 08:44:05 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame E178
21 KB
21 KB
Font
General
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 04:08:17 GMT
x-content-type-options
nosniff
age
12647
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 04:08:17 GMT
integrator.js
adservice.google.de/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=encryptdrive.booogle.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=encryptdrive.booogle.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 147D
0
53 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&adk=1812271804&adf=3025194257&lmt=1633419544&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&ea=0&flash=0&pra=7&wgl=1&dt=1633419544490&bpp=1&bdt=2753&idt=1&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D233937c46116847b-22e9ea05e6ca00c2%3AT%3D1633419542%3ART%3D1633419542%3AS%3DALNI_Mbk1hKi0ptf3oE4dq8JLf2Jz1cYig&prev_fmts=728x90%2C798x280&prev_slotnames=2527852709&nras=1&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&psts=AGkb-H8wvpOvr-JK0SWkhx-7dITxgE_0wc3-pcagYNryRtrDYzfZv_ZR4SDPt1TyLbVbmOiZVZsAw51J0Fw%2CAGkb-H-ODz4Y3JsCD6ZEenkTKqdcEO5ht-p1tt0Zm00f83yhx_OJeO8ToKUBb2yoGyLx4Q51c7mRKSo0sw%2CAGkb-H9H-jj-lm0beiY_HS_tjy__wknnl7uEeNqHba4VAvrSMXr-UZbvTWFceINRClKlZaJ4E3fDpAnIm8w&pvsid=1768437898478729&pem=922&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=6
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-1113541014872557&output=html&adk=1812271804&adf=3025194257&lmt=1633419544&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&ea=0&flash=0&pra=7&wgl=1&dt=1633419544490&bpp=1&bdt=2753&idt=1&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D233937c46116847b-22e9ea05e6ca00c2%3AT%3D1633419542%3ART%3D1633419542%3AS%3DALNI_Mbk1hKi0ptf3oE4dq8JLf2Jz1cYig&prev_fmts=728x90%2C798x280&prev_slotnames=2527852709&nras=1&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&psts=AGkb-H8wvpOvr-JK0SWkhx-7dITxgE_0wc3-pcagYNryRtrDYzfZv_ZR4SDPt1TyLbVbmOiZVZsAw51J0Fw%2CAGkb-H-ODz4Y3JsCD6ZEenkTKqdcEO5ht-p1tt0Zm00f83yhx_OJeO8ToKUBb2yoGyLx4Q51c7mRKSo0sw%2CAGkb-H9H-jj-lm0beiY_HS_tjy__wknnl7uEeNqHba4VAvrSMXr-UZbvTWFceINRClKlZaJ4E3fDpAnIm8w&pvsid=1768437898478729&pem=922&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=4&uci=a!4&fsb=1&dtd=6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://encryptdrive.booogle.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUlztl36M7zXb2GuZVkSjV7lX490JUJHBe5z-wVMG1Gx3AR2A9cDDEQPpt58Y5A; DSID=NO_DATA; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 05 Oct 2021 07:39:04 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
9 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210929&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
21009311cac8b1fb7054040a7325db16440fedb722ce6b189c044d4b7e655b76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 05 Oct 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8621
x-xss-protection
0
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 1BD2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=280&slotname=2527852709&adk=3981156342&adf=3469080882&pi=t.ma~as.2527852709&w=798&fwrn=4&fwrnh=100&lmt=1633419542&rafmt=1&psa=0&format=798x280&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1633419542641&bpp=4&bdt=904&idt=91&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=401&ady=1117&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=9kwCwJHfyf&p=http%3A//encryptdrive.booogle.net&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 07:36:24 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 13F2
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=3710793829&adf=3059968214&pi=t.ma~as.2527852709&w=728&lmt=1633419542&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542590&bpp=21&bdt=852&idt=110&shv=r20210929&mjsv=m202109290101&ptt=5&saldr=sa&abxe=1&correlator=4020324422734&frm=20&pv=2&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=436&ady=292&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7Ce%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=aIyd7cUrzh&p=http%3A//encryptdrive.booogle.net&dtd=128
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 07:36:24 GMT
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 6F9A
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1113541014872557&output=html&h=90&slotname=2527852709&adk=4083878888&adf=3333712924&pi=t.ma~as.2527852709&w=728&lmt=1633419542&psa=0&format=728x90&url=http%3A%2F%2Fencryptdrive.booogle.net%2F%3Fstate%3D%257B%2522ids%2522%253A%255B%25221pEV_0ihtLhmbhHwePWiLOjLMDBDJ74oH%2522%255D%252C%2522action%2522%253A%2522open%2522%252C%2522userId%2522%253A%2522109314440340937352391%2522%257D&flash=0&wgl=1&dt=1633419542627&bpp=2&bdt=890&idt=97&shv=r20210929&mjsv=m202109290101&ptt=9&saldr=aa&abxe=1&prev_slotnames=2527852709&correlator=4020324422734&frm=20&pv=1&ga_vid=350836449.1633419543&ga_sid=1633419543&ga_hid=212346708&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java=0&u_nplug=3&u_nmime=4&adx=438&ady=33&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066430%2C31062369%2C31063015&oid=2&pvsid=1768437898478729&pem=922&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CEe%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=eUDlmnIKTF&p=http%3A//encryptdrive.booogle.net&dtd=101
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 07:36:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202109290101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-1113541014872557&plah=encryptdrive.booogle.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:39:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 05 Oct 2021 07:39:04 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8D56
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://encryptdrive.booogle.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 05 Oct 2021 07:36:34 GMT
expires
Wed, 05 Oct 2022 07:36:34 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
150
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 525F
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
8674e526eb7089d26ef4dc9f8cd3c5b5231738e36cb7a23f889aafb929e4e431
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-q0skw+JhJQzKpyBPPNVOkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://encryptdrive.booogle.net/
accept-encoding
gzip, deflate, br
cookie
NID=511=QZLNWsWutCliAZoVWjvoqQH7P_eZudgNn05xzcN2br6em7MhArV5xVNB5MdyWHK1JX9TmbM2dr68pvpWYXezrVdvXTi8wZVgTOVKljMgXuAIfNJGYKwcn97txVz_M1FnpPXInrK-sX-yu01KgDUscMEXUQ6MjE0ZnHiFd6of1Zc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 05 Oct 2021 07:39:04 GMT
date
Tue, 05 Oct 2021 07:39:04 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-q0skw+JhJQzKpyBPPNVOkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
pagead2.googlesyndication.com/bg/ Frame 8D56
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/BPTeJxusP8cOnE_s5L3ABe2tIpKd1NVDJBlhKS7pwaI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 07:36:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13343
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 10:18:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 05 Oct 2022 07:36:24 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 525F
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20210929&jk=1768437898478729&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210929&jk=1768437898478729&bg=!gYKlgsbNAAZE-GIIRPg7ACkAdvg8WueFJLzcQ8BnAKX3_WR_yLv0_UiKDcPXchpEtKra0Kf2DLW-2QIAAABmUgAAAAxoAQeZAsBjDJED13OZLS9Y6SURDBobVL98KjSBtmWKByj78_7F07iPkaxXH22RHT5xl9A-_ruJWt4Ld9DMczdL8LwZEvlVTbF8VIYZK1vyk59KIO7jsWFx2u9b4wssfoEpf8cbpNUDs6c0mNS_dY0K-PEfXbKpbq62CgbRbgSXQWM8dfUlv04ZrbOW2kcYHtpo0crQ_z2liqQiQGxC9yyqUrfOjEhiKe2lYN0VYfudF_tZFEYnhxRZuHgKa4xxU428VFVgqLoI1QyfXZKsw_kSZYD_k9G8MCXcFhRP_gqC0-8KxxHrBEjAbs_O8ZZjzXfcNCRE2tjHlaWpD3nCm0yv3ASpHbU4prvcgnEn1F0vq6j49X4k3RePR1Cyvh2c5GLyuSWwl2LqscCwAN6UwfIQp2Uz_wVx9cULaeXc-SqixDpEZu5RkvLZ5vFP-peQwyfXaw86At4Jd9wc1ZeR1LMfukXBMRnk58GWQaccIh4Yam3mMCoAJLK6UC8oa8x7YgryvcMeTkn4c8afIHJ5JMb1EHVu-LyCaaiCOoAT-9SI3HC4_zE8hI1DKfwFbR6sB48w19gwTKa2MUoezEEJpi7IFs-1DUumiOsC3zvKJJEIVL4xtcRCuaTfjBJ6Y9TFTONZNnfqsBEce4xmVLkmT7vqMtBhyEV886bwYfJNLLve1VMVG3qGpTGJzi4a83PEFTxZBtxH_QnSi7DU9mEtvpnU2ENXrdvTxW8ULwcusZ2_zam-yuhghufsS17GrQDT6JjXC5PH8fO0knxPcAlAV8efo1_lfM8ZR4R9AoGnIqjMWxh6vXB-dKW26FV6QafUyzUmYlQb34QfmHyaJU06mFzaF19Co5s043ZKqqWLQsSj0fa6-cZRGYw95kdVSR7Ss_g-YoCMe-zl_Kyk1SS51La4Ufc_Zlz4vMru8hzOot4ipiHW-VLXVQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://encryptdrive.booogle.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

activeview
pagead2.googlesyndication.com/pcs/ Frame 7CE2
42 B
174 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBBLVMwHMDrN-q5CFoufuTZ9BEpU278MdrW9qbsngPeKguSlE2tii8b4ilut4cyYaLh-K0JikFbuHKH6Zmunqt_m9GDm8fpv51TOtLxfTTAave0ublfw&sai=AMfl-YQDc7E618_8BKvhUa1GdyVW-4B9Eo4FgGoCixtfOLfvkvPlje3nFZpQ7mMyJH2RlJHxkT5G6WDln0gY&sig=Cg0ArKJSzA7GoCUtEieoEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3710793829&rs=2&met=mue&la=0&cr=0&vs=4&r=v&rst=1633419542720&rpt=1754
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 07:39:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame E178
42 B
108 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuT4WGoF1WvYwh5b9T3f-3XqqssT9TfyradadYqxC_Ol9nnKpqEgunDvt4l0tZeWRgxPPt6sNfCQMNTY8cGzUCPjp7yCV8MD52PvEcgB87CG9GhiTyXnQ&sai=AMfl-YRNpuIy2V0QqTawNKAD5blIGjTjyXA_Oh5iZoeQHh5bzZMd99nB016vAWkfAMOpAMkzdD4L87y54iBg&sig=Cg0ArKJSzI_1QutFMwoSEAE&id=lidar2&mcvt=1001&p=0,0,90,728&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210929&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=4083878888&rs=2&met=mue&la=0&cr=0&vs=4&r=v&rst=1633419542730&rpt=1758
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Oct 2021 07:39:05 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

327 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| onbeforexrselect boolean| originAgentCluster function| $ function| jQuery function| setCookie function| getCookie function| _getid function| trim function| html_entity_encode function| shortstring function| cutstringmiddle number| messagetimer function| show_message function| hide_message function| setstorage function| getstorage function| fillnumber function| datetimetostring number| hexcase string| b64pad function| hex_md5 function| b64_md5 function| any_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| any_hmac_md5 function| md5_vm_test function| rstr_md5 function| rstr_hmac_md5 function| rstr2hex function| rstr2b64 function| rstr2any function| str2rstr_utf8 function| str2rstr_utf16le function| str2rstr_utf16be function| rstr2binl function| binl2rstr function| binl_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| safe_add function| bit_rol object| Aes object| Base64Ex object| Utf8 function| jAlert function| jConfirm function| jPrompt boolean| gadb function| henc number| g_expires function| init object| adsbygoogle object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map function| get_data function| proc_savetohistory function| proc_displayhistory function| proc_historychange function| proc_deletehistory function| proc_clearhistory function| proc_saveopt function| proc_loadopt function| proc_show function| getValue function| openWindow number| g_logcount undefined| iserror function| proc_log boolean| _gfp_a_ function| google_spfd number| google_lpabyc function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages string| CLIENT_ID object| SCOPES string| gd_developerKey string| gd_mimetype object| gd_export_extension string| gd_state undefined| gd_picker undefined| gd_picker2 boolean| gd_loaded boolean| gd_pickerloaded undefined| gd_lastprogress boolean| gd_issupported undefined| gd_isdownloading number| gd_load_timer undefined| gd_bloburl string| gd_state2 number| gd_loginexp object| gd_callback boolean| ismsie boolean| issafari string| ua function| number_format function| getWindowWidth function| getWindowHeight function| getScrollLeft function| getScrollTop function| gd_btn_login2 function| gd_btn_login function| gd_login_close function| gd_login_manual function| gd_login function| gd_checklogin function| gd_loadpicker function| gd_createpicker function| getsize function| getSupported function| getPrefered object| gd_files number| gd_files_count function| gd_loadfiles undefined| gd_lastidx undefined| gd_uniqid undefined| g_password function| attach_encrypt function| attach_password function| attach_encrypt2 undefined| gworker object| gformats function| getmimetype object| gd_files2 undefined| gfiles2 undefined| gfiledata undefined| gisencrypt undefined| gtitle undefined| gblob undefined| gbloburl function| handleFileSelect2 function| proc_download function| proc_delete function| proc_logincheck function| attach_delete function| attach_clear function| attachment_onchange function| gd_open_picker function| gd_getparam function| gd_open_state function| gd_clientload boolean| gd_open2 function| gd_open_state2 function| gd_loadscript function| gd_reopen function| gd_dblclick string| gd_userId undefined| gd_email function| gd_weburl function| gd_clickweburl function| gd_info function| gd_init string| gfolderid function| proc_setfolder function| init_load object| gapi object| ___jsl object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| googleapis object| google object| googletag object| GoogleGcLKhOms object| google_image_requests

6 Cookies

Domain/Path Name / Value
.booogle.net/ Name: __gads
Value: ID=233937c46116847b-22e9ea05e6ca00c2:T=1633419542:RT=1633419542:S=ALNI_Mbk1hKi0ptf3oE4dq8JLf2Jz1cYig
.google.com/ Name: NID
Value: 511=QZLNWsWutCliAZoVWjvoqQH7P_eZudgNn05xzcN2br6em7MhArV5xVNB5MdyWHK1JX9TmbM2dr68pvpWYXezrVdvXTi8wZVgTOVKljMgXuAIfNJGYKwcn97txVz_M1FnpPXInrK-sX-yu01KgDUscMEXUQ6MjE0ZnHiFd6of1Zc
.encryptdrive.booogle.net/ Name: G_ENABLED_IDPS
Value: google
.doubleclick.net/ Name: IDE
Value: AHWqTUlztl36M7zXb2GuZVkSjV7lX490JUJHBe5z-wVMG1Gx3AR2A9cDDEQPpt58Y5A
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apis.google.com
encryptdrive.booogle.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
iblogbox.github.io
pagead2.googlesyndication.com
partner.googleadservices.com
ssl.gstatic.com
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.181.226
2606:50c0:8001::153
2a00:1450:4001:800::200a
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200d
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
58.121.85.143
04881768d6768840dbf799381709eface23079f19f35ca78bc255ba1279ca774
04f4de271bac3fc70e9c4fece4bdc005edad22929dd4d543241961292ee9c1a2
0aed40d94486ed73e081efab4b6b3eff34c10324d50aabfd80ffa56cb9e5c3de
0b050dd1e5398eafcaf125b9db79f00e843b56134ffe7d2a518a06ee67d7d3a8
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1c9bf9cfbabdfc194f5403453f72b3420285b2aa60a2946935904532c07b28ac
21009311cac8b1fb7054040a7325db16440fedb722ce6b189c044d4b7e655b76
2279c0103b198278dae367bcd5e070f957e445fa3e6099a64a4c00e103e31f66
2911b334d84ae35bdef7cb396241b38425398b6ae5f91f13a72943e805309ab6
2a5bafe273098299e3f0185d6d4dddac56c7435d859fe7a745e098b6c9a214f7
2a780301b8cd7a15d35aef424e71af69bcfbc0936a835cc6798d40fb49c48760
2d019cdd30653e5526b9a6e6a627c5909c54a4ac3ce1cf83480fc35a1d679080
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
53d694aef795b6f24344adfb29636ee0d12c4b668223c31d5e93f3910f11e9f6
5c70f4d8f51a2419bd5481f7dc4651538c1e1f1f0e7bd9b44622726f0e92100d
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
6bf74b21c9e42e970285aa7534767c7c906d840b707de482300dd5feeb1b5fd1
6c067f7ae932ca1f7630bd1a14cc1b196e500ea884ff11b89b0cb8116202ec6a
6efb2ea966adf0c6aec38bcda3513dd02e693231b8e1552c2d9ff5912f31598c
72397b50b0d93c1df9ba08e23ff88caf48a1664d7ec88876ea083e4d96ca4ed8
8674e526eb7089d26ef4dc9f8cd3c5b5231738e36cb7a23f889aafb929e4e431
8806d9eaf9e8ca89fa2404e8cb66a9fa115e0a0f687ad0dcd91cabce4c2179c6
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
91610ce90ce628a63d157ffdda1e43a4003b6bf4a5a3d5a523abecf89689b0dc
95a372572e6002b6b7f153eed6f0ce089f9214243fda6e7e664b71e4ebb85e2d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
ab79f20c51a2afc5bfd43cc8f688ac4708fa6a4495c30405e75b11e8246f6aba
b1d5535dd412dbe60f89f44555dd6dc752ac90ab350d4ae9e063134e14a3e47e
b2a6d0388fbf0b38731d1fc82ba4df8ad7c22ec58251548a3b4818a5912eb6e2
bc322ba85a6aadaede25d30470b5230f8eda5a7d447a5643f188077da628a895
becadbd507adae917ccd1498c88f26a85a348c349c45471af0cf23529b424c70
c178b294f465f8c802b3f20752a384d2304c8628f8908d30ff13d02e861c2442
c34b7397b94cb8078d8ca61e9140a32eb6b444df410a614e06d4849d8bd3a17b
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
cd1aa1b17ad107887c38eedf2e24ab209a184dfd3abdae3484d36e10d74cbbb2
cf778598c4915dd4344ad2aed5cb10110253162e9d6f149be80a49a8cacbb39f
d6afd58496691b9b34dd37e23aadfdfd3f89888a590fdac3b6ef57e654934354
d6f90d4803b5cc24c1644396dd16652e0218d0fc12c98114385a7e54ce84cc80
dbe9c0d9f7687313505d9f47155df748c365de4e7a1e657465c80ad693a04cf1
de8902a9ac9f84bd5b31ff552735635830141b8765352e56f3edfa07869334b9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea498c810a89d16f9c229e093fb2969e4bccb695e68b6810c0095250da07e191
eb35e2fc6b44a1ba314358847a3ecffb044ac056ff0b374ec17856062cc75ee3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f166221ef0fb5ae1c8df7bce7f6597e64f56b18fc682099402c98a982fd19cc7